laravel TokenMismatchException in ajax request

Question

i'm using resource group and use this filter to resolve TokenMismatchException problem:

Route::filter('csrf', function($route, $request) {     if (strtoupper($request -> getMethod()) === 'GET') {         return;         // get requests are not CSRF protected     }      $token = $request -> ajax() ? $request -> header('X-CSRF-Token') : Input::get('_token');      if (Session::token() != $token) {         throw new Illuminate\Session\TokenMismatchException;     } }); 

my route :

Route::group(array('prefix'=> 'admin', 'before' => 'csrf'), function(){     Route::resource('profile' , 'ProfileController', array('as'=>'profile') ); }); 

now. i get error to Ajax requests such as this code:

<script type="text/javascript">     $(document).ready(function() {        $('#frm').submit(function(e){            e.preventDefault();            name         = $('#name').val();            family       = $('#family').val();            email        = $('#email').val();            currPassword = $('#currPassword').val();            password     = $('#password').val();            password_confirmation = $('#password_confirmation').val();                  $.post("{{ route('admin.profile.update', $profile->id) }}",                 {                    _method : 'PUT',                   name                  : name,                   family                : family,                   email                 : email,                   currPassword          : currPassword,                   password              : password,                   password_confirmation : password_confirmation                   },                 function(data)                 {                     alert(data.errors.name);                 },'json');                 return false;        }); }); </script> 

ERROR:

{"error":{"type":"Illuminate\\Session\\TokenMismatchException","message":"","file":"\/var\/www\/alachiq\/app\/filters.php","line":83}} 

i think i'm must be sent _token in $.post. but i can not get input tag with name attribute. iget this error:

TypeError: 'stepUp' called on an object that does not implement interface HTMLInputElement. 

Answer 1

There is a tip in the Laravel docs on how to do this. This might not have been available at the time of the question, but I thought I would update it with a answer.

http://laravel.com/docs/master/routing#csrf-x-csrf-token

I have tested the meta tag method from the documentation and got it working. Add the following meta tag into your global template

<meta name="csrf-token" content="{{ csrf_token() }}"> 

Add this JavaScript that sets defaults for all ajax request in jQuery. Preferably in a js file that is included across your app.

$.ajaxSetup({     headers: {         'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')     } }) 

This token can exist in the request header or the form. This populates it into the request header of every ajax request.