David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0a01aca6b4
Branches Tags
laravel
/
app
/
Http
/
Middleware
/
VerifyCsrfToken.php

VerifyCsrfToken.php 1.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 
  1. <?php namespace App\Http\Middleware;
    2. 

  2. 

  3. use Closure;
    4. 

  4. use Illuminate\Contracts\Routing\Middleware;
    5. 

  5. use Illuminate\Session\TokenMismatchException;
    6. 

  6. 

  7. class VerifyCsrfToken implements Middleware {
    8. 

  8. 

  9. 	/**
    10. 

  10. 	 * Handle an incoming request.
    11. 

  11. 	 *
    12. 

  12. 	 * @param  \Illuminate\Http\Request  $request
    13. 

  13. 	 * @param  \Closure  $next
    14. 

  14. 	 * @return mixed
    15. 

  15. 	 *
    16. 

  16. 	 * @throws TokenMismatchException
    17. 

  17. 	 */
    18. 

  18. 	public function handle($request, Closure $next)
    19. 

  19. 	{
    20. 

  20. 		if ($this->isReading($request) || $this->tokensMatch($request))
    21. 

  21. 		{
    22. 

  22. 			return $next($request);
    23. 

  23. 		}
    24. 

  24. 

  25. 		throw new TokenMismatchException;
    26. 

  26. 	}
    27. 

  27. 

  28. 	/**
    29. 

  29. 	 * Determine if the session and input CSRF tokens match.
    30. 

  30. 	 *
    31. 

  31. 	 * @param  \Illuminate\Http\Request  $request
    32. 

  32. 	 * @return bool
    33. 

  33. 	 */
    34. 

  34. 	protected function tokensMatch($request)
    35. 

  35. 	{
    36. 

  36. 		return $request->session()->token() == $request->input('_token');
    37. 

  37. 	}
    38. 

  38. 

  39. 	/**
    40. 

  40. 	 * Determine if the HTTP request uses a ‘read’ verb.
    41. 

  41. 	 *
    42. 

  42. 	 * @param  \Illuminate\Http\Request  $request
    43. 

  43. 	 * @return bool
    44. 

  44. 	 */
    45. 

  45. 	protected function isReading($request)
    46. 

  46. 	{
    47. 

  47. 		return in_array($request->method(), ['HEAD', 'GET', 'OPTIONS']);
    48. 

  48. 	}
    49. 

  49. 

  50. }
    51.