David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ef855c1175
Branches Tags
laravel
/
app
/
Http
/
Middleware
/
CsrfMiddleware.php

CsrfMiddleware.php 779 B
History Raw

12345678910111213141516171819202122232425262728293031323334353637 
  1. <?php namespace App\Http\Middleware;
    2. 

  2. 

  3. use Closure;
    4. 

  4. use Illuminate\Contracts\Routing\Middleware;
    5. 

  5. use Illuminate\Session\TokenMismatchException;
    6. 

  6. 

  7. class CsrfMiddleware implements Middleware {
    8. 

  8. 

  9. 	/**
    10. 

  10. 	 * Handle an incoming request.
    11. 

  11. 	 *
    12. 

  12. 	 * @param  \Illuminate\Http\Request  $request
    13. 

  13. 	 * @param  \Closure  $next
    14. 

  14. 	 * @return mixed
    15. 

  15. 	 */
    16. 

  16. 	public function handle($request, Closure $next)
    17. 

  17. 	{
    18. 

  18. 		if ($request->method() == 'GET' || $this->tokensMatch($request))
    19. 

  19. 		{
    20. 

  20. 			return $next($request);
    21. 

  21. 		}
    22. 

  22. 

  23. 		throw new TokenMismatchException;
    24. 

  24. 	}
    25. 

  25. 

  26. 	/**
    27. 

  27. 	 * Determine if the session and input CSRF tokens match.
    28. 

  28. 	 *
    29. 

  29. 	 * @param  \Illuminate\Http\Request  $request
    30. 

  30. 	 * @return bool
    31. 

  31. 	 */
    32. 

  32. 	protected function tokensMatch($request)
    33. 

  33. 	{
    34. 

  34. 		return $request->session()->token() == $request->input('_token');
    35. 

  35. 	}
    36. 

  36. 

  37. }
    38.