method() == 'GET' || $this->tokensMatch($request)) { return $next($request); } throw new TokenMismatchException; } /** * Determine if the session and input CSRF tokens match. * * @param \Illuminate\Http\Request $request * @return bool */ protected function tokensMatch($request) { return $request->session()->token() == $request->input('_token'); } }