| 12345678910111213141516171819202122232425262728293031323334353637 |
- <?php namespace App\Http\Middleware;
- use Closure;
- use Illuminate\Contracts\Routing\Middleware;
- use Illuminate\Session\TokenMismatchException;
- class CsrfMiddleware implements Middleware {
- /**
- * Handle an incoming request.
- *
- * @param \Illuminate\Http\Request $request
- * @param \Closure $next
- * @return mixed
- */
- public function handle($request, Closure $next)
- {
- if ($request->method() == 'GET' || $this->tokensMatch($request))
- {
- return $next($request);
- }
- throw new TokenMismatchException;
- }
- /**
- * Determine if the session and input CSRF tokens match.
- *
- * @param \Illuminate\Http\Request $request
- * @return bool
- */
- protected function tokensMatch($request)
- {
- return $request->session()->token() == $request->input('_token');
- }
- }
|
