Logo Questions Linux Laravel Mysql Ubuntu Git Menu

Where do you put the CSRF token in Relay/GraphQL?

I am trying to get Relay and GraphQL set up with my Laravel server. I have successfully set Laravel up to serve GraphQL.

In the past, to make ajax calls with jQuery I added the following to my master.blade.php:

 <meta name="csrf-token" content="{{ csrf_token() }}">

and the following to my main.js file:

    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')

My GraphQL endpoint is currently returning token mismatch exception. It seems to me that Relay needs to pass the csrf-token to the server in a similar manner as jQuery.ajax. Where does it go?

like image 755
RichardForrester Avatar asked Mar 14 '23 18:03


1 Answers

Configure your network layer to append headers to each request:

  new Relay.DefaultNetworkLayer('/graphql', {
    headers: {
      'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content'),

The second argument to Relay.DefaultNetworkLayer gets passed through to the init argument of fetch(input, init). See the Relay Network Layer Guide for more information.

like image 104
steveluscher Avatar answered Mar 23 '23 13:03