▲ 12 r/SpringBoot
Spring security + ReactJS
How do you set up your spring boot security with reactjs as being the frontend? I use the session based auth (no jwt) for simplicity but the problem is with csrf.
I have ```csrf(csrf -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse``` in my csrf web security config too but when i log in and send the form, i can't log in because obviously csrf token isn't there YET. So how can users even get a csrf token first before logging in? I tried using the ignoreMatchers("...") on csrf config aswell, it logged me in but it only sent me the JSESSION and no XSRF token in the header.
u/Character-Grocery873 — 5 days ago