jquery - CSRF token mismatch for ajax post using nodejs express -

environment: express 4, jquery, krakenjs, font-awesome

in controllers/products/index.js

module.exports = function (router) {     router.post('/add',function(req,res){         //     }); }; 

in html file, users click icon , add products cart

{?products}     {#products}         <ul id="{.id}">             <li class="add"><i class="fa fa-plus"></i></li>         </ul>     {/products} {/products} 

for each product, following script ajax post backend.

$('.add').click(function(e){        var _id = this.parentelement.id;        $.ajax({            url: "/products/add",            type: 'post',            contenttype: 'application/json',            datatype: 'json',            data: json.stringify({              id: _id            })        });  }); 

the server responds 500 (internal server error) , states 'error: csrf token mismatch'. need insert csrf token in ajax post or eliminate token validation when doing ajax call without form submission.

krakenjs uses lusca crsf protection.

lusca stores crsf _token in req.locals.

also, set crsf token in view hidden / data-attribute , include part of ajax post.