The best way to solve this problem “X-CSRF-TOKEN” is to add the following code to your main layout, and continue making your ajax calls normally:
In header
<meta name="csrf-token" content="{{ csrf_token() }}" />
In script
<script type="text/javascript">
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
</script>