Fix #73 - CSRF token mismatch

2025-08-09 05:54:34 +02:00 · 2022-05-14 13:45:12 +02:00
parent 986e216896
commit 070c6a2486
4 changed files with 15 additions and 3 deletions
--- a/resources/js/api.js
+++ b/resources/js/api.js
@ -39,6 +39,16 @@ Vue.axios.interceptors.response.use(response => response, error => {
    if ( error.response.status === 401 ) {
        routeName = 'login'
    }
+
+    // api calls are stateless so when user inactivity is detected
+    // by the backend middleware it cannot logout the user directly
+    // so it returns a 418 response.
+    // We catch the 418 response and push the user to the login view
+    // with the instruction to request a session logout
+    if ( error.response.status === 418 ) {
+        router.push({ name: 'login', params: { forceLogout: true } })
+        throw new Vue.axios.Cancel();
+    }
    
    if ( error.response.status === 404 ) routeName = '404'