I tried to follow the mentioned steps in the related PR and found some needed changes (for me). But unfortunately, although it first seems to work, I ran into an issue related to the session / nonce / CSRF.
Currently the @livewireScripts or the ESM version @livewireScriptConfig won’t set a CSRF token, which will break on events like wire:click or wire:submit.
Has anyone a hint, why the csrf_token() will return null? Am I missing something?
… I tried to debug this and am quite not sure if I miss something fundamental.
It seems that the session will not be persistent between different requests. Secondly, at every point in code, the function csrf_token() will return null.
However, at the moment, I’m applying the following workaround to ensure that the Livewire components function properly:
I’ve encountered same issue in the past where the CSRF token wasn’t generated on pages managed by WordPress itself.
I guess it’s due to WordPress pages aren’t managed by the Laravel router, so doesn’t trigger a middleware that initiates the session which generates the token.
I build manually livewire and alpine (with some plugin) with radicle, and that was the missing part to work nicely
For information i just have a LivewireServiceProvider with
public function register(): void
{
add_filter('wp_head', function () {
echo Blade::render('@livewireStyles');
});
add_filter('wp_footer', function () {
echo Blade::render('@livewireScriptConfig');
});
add_action('wp_loaded', fn () => app('session')->isStarted() || app('session')->start());
}
and app.ts is
// We add Livewire/Alpinejs manually to be more flexible
// @see https://livewire.laravel.com/docs/alpine#manually-bundling-alpine-in-your-javascript-build
import {Livewire, Alpine} from '../../vendor/livewire/livewire/dist/livewire.esm';
import resize from '@alpinejs/resize'
Alpine.plugin(resize)
Livewire.start()
import.meta.webpackHot?.accept(console.error);