I am trying to login a user using laravel and the api i made for it, i made the post code with the email and password but it returns me a token missmatch error,i guess thats because i dont pass any csrf and my doubt is how to get it.
If i understood correctly i just need to do a GET on my main domain and grab the csrf from there, from the cookies (?).
I found this, but classes are deprecated and i dont know how to implement with my updated code:
Found:
CookieStore cookieStore = httpClient.getCookieStore();
List <Cookie> cookies = cookieStore.getCookies();
for (Cookie cookie: cookies) {
if (cookie.getName().equals("XSRF-TOKEN")) {
CSRFTOKEN = cookie.getValue();
}
}
Need to implement the grab csrf part on my code:
url = new URL(AppConfig.BaseURL);
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
connection.setRequestMethod("GET");
// CookieStore cookieStore = connection.getCookieStore();
// List<HttpCookie> cookies = cookieStore.getCookies();
// for (Cookie cookie: cookies) {
// if (cookie.getName().equals("XSRF-TOKEN")) {
// CSRFTOKEN = cookie.getValue();
// }
// }
The commentted is either worng or deprecated but cant figure out how to solve it !
via BugD
