419 CSRF Error on Livewire after migrating from Laravel 9 + Filament 2 to Laravel 11 + Filament 3
What I am trying to do:
I'm migrating an existing project from Laravel 9 + Filament 2 to Laravel 11 + Filament 3. After the migration, I can see the login page, but when I try to log in, it refreshes and shows a 419 error on the Livewire POST request. PHP 8.2.12.
What I did:
1. Upgraded Laravel from 9 to 11
2. Upgraded Filament from 2 to 3
3. Updated composer.json:
- laravel/framework: ^11.0
- filament/filament: ^3.0
- laraveldaily/laravel-invoices: ^4.0
4. Updated app/Models/User.php:
5. Fixed AdminPanelProvider.php to use correct resource paths and added ->login()
6. Added livewire/* to CSRF exceptions in app/Http/Middleware/VerifyCsrfToken.php
7. Added 'XSRF-TOKEN' to app/Http/Middleware/EncryptCookies.php exceptions
8. Set SESSION_DOMAIN=127.0.0.1 and SESSION_SECURE_COOKIE=false in .env
9. Removed the old app/Http/Kernel.php
10. Cleared all caches, restarted the server, cleared browser cache/cookies
My issue/the error:
When I click the login button with correct credentials, the page refreshes and I get this error in the browser console:
POST http://127.0.0.1:8000/livewire/update 419 (unknown status)
The browser shows "This page has expired. Would you like to refresh the page?"
Code:
app/Http/Middleware/VerifyCsrfToken.php:
`
app/Http/Middleware/EncryptCookies.php:
The CSRF token is present in the session and in the Livewire script tag (data-csrf), but the POST request still fails with 419.
I'm migrating an existing project from Laravel 9 + Filament 2 to Laravel 11 + Filament 3. After the migration, I can see the login page, but when I try to log in, it refreshes and shows a 419 error on the Livewire POST request. PHP 8.2.12.
What I did:
1. Upgraded Laravel from 9 to 11
2. Upgraded Filament from 2 to 3
3. Updated composer.json:
- laravel/framework: ^11.0
- filament/filament: ^3.0
- laraveldaily/laravel-invoices: ^4.0
4. Updated app/Models/User.php:
5. Fixed AdminPanelProvider.php to use correct resource paths and added ->login()
6. Added livewire/* to CSRF exceptions in app/Http/Middleware/VerifyCsrfToken.php
7. Added 'XSRF-TOKEN' to app/Http/Middleware/EncryptCookies.php exceptions
8. Set SESSION_DOMAIN=127.0.0.1 and SESSION_SECURE_COOKIE=false in .env
9. Removed the old app/Http/Kernel.php
10. Cleared all caches, restarted the server, cleared browser cache/cookies
My issue/the error:
When I click the login button with correct credentials, the page refreshes and I get this error in the browser console:
POST http://127.0.0.1:8000/livewire/update 419 (unknown status)
The browser shows "This page has expired. Would you like to refresh the page?"
Code:
app/Http/Middleware/VerifyCsrfToken.php:
`
app/Http/Middleware/EncryptCookies.php:
The CSRF token is present in the session and in the Livewire script tag (data-csrf), but the POST request still fails with 419.
