2👍
✅
You should manually pass CSRF token when making a request. Just push the following to every request:
_token: document.querySelector("meta[name='csrf-token']").getAttribute("content");
Source:stackexchange.com