php – CSRF token mismatch laravel airlock axios-ThrowExceptions

Exception or error:
  • Airlock Version: 1.0.0
  • Laravel Version: 7.0.0
  • PHP Version: 7.2.0
  • Database Driver & Version: MySql 5.7.23


I try login with axios from different domain.
I’ve the core in “” and the react site in “”.
If I try login from to with axios API request, it work fine, also without CSRF-COOKIE request.
But If I try to login from my react “localhost:3000” to “”, I’ve “CSRF token mismatch”. Why?

This is my configuration:

in session

'same_site' => "none",

axios configuration

  baseURL: "",
  withCredentials: true,
  responseType: "json",

axios login

await API.get('/airlock/csrf-cookie');
response = await

cookie from browser – csrf-cooke call
enter image description here

cookie from browser – login call
enter image description here

How to solve:

i think your problem is PHP version.

for using laravel-7 you will need to make sure your server meets
the following requirements:

  • PHP >= 7.2.5
  • BCMath PHP Extension
  • Ctype PHP Extension
  • Fileinfo PHPextension
  • JSON PHP Extension
  • Mbstring PHP Extension
  • OpenSSL PHP Extension
  • PDO PHP Extension
  • Tokenizer PHP Extension
  • XML PHP Extension

check server-requirements documentation

Leave a Reply

Your email address will not be published. Required fields are marked *