I am building a login system via ajax and using a token, saving in a SESSION , passed by javascript, the idea is that every page reload is created a new token to avoid brute-force and etc, but as I am sending via ajax, the token is only valid on the first request, if the user errs the user / password the token is invalid and it is not possible to log in again, putting the correct data, how can I to get around this situation?
CSRF Token is only valid after first ajax request
0
asked by anonymous 10.08.2017 / 01:40