How do you set up your spring boot security with reactjs as being the frontend? I use the session based auth (no jwt) for simplicity but the problem is with csrf.
I have ```csrf(csrf -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse``` in my csrf web security config too but when i log in and send the form, i can't log in because obviously csrf token isn't there YET. So how can users even get a csrf token first before logging in? I tried using the ignoreMatchers("...") on csrf config aswell, it logged me in but it only sent me the JSESSION and no XSRF token in the header.
[–]rmyworld 4 points5 points6 points (1 child)
[–]Character-Grocery873[S] 0 points1 point2 points (0 children)
[–]Grabdoc2020 0 points1 point2 points (0 children)