Thanks Mohamed! Very straightforward and easy to understand. The only thing I believe was left out was when and how CSRF tokens are rerolled - is a new token generated and stored in the session for each request?
The CSRF token is rolled whenever the session is rolled. So if you have the session lifetime set to 2 hours (the default) and the user stayed idle for 2 hours, the token will expire on his next request and he'll need to refresh to get the new token.
You explain things so well. You're a great teacher
Thanks! Glad you found it useful :)
Audio is fine now, Good job dude.
Thanks Mohamed! Very straightforward and easy to understand. The only thing I believe was left out was when and how CSRF tokens are rerolled - is a new token generated and stored in the session for each request?
The CSRF token is rolled whenever the session is rolled. So if you have the session lifetime set to 2 hours (the default) and the user stayed idle for 2 hours, the token will expire on his next request and he'll need to refresh to get the new token.
Thanks for video, very helpful!
nice sound!
good explaining ;)
Glad you liked it :)
That really helpful
Yeah, thanks for your contribution. Mohammed.
Welcome :)
It's better. Congrats!
Finally :D
:) so with Laravel Sanctum can we use both - CSRF-Token from meta tag and XSRF-Token from cookies? Does it matter?
i think that you mentioned before that cookies are encrypted then how axios extracts csrf token from them ?
axios send the encrypted CSRF token, Laravel decrypts it before verification.
Many thanks keep going
Audio is much better on this video.
Thanks for the feedback :)