Another try to fix csrf

2025-02-25 18:45:27 -06:00 · 2015-07-22 17:58:06 +02:00 · 2015-07-22 17:58:06 +02:00 · 774d4844a9
commit 774d4844a9
parent 586c53e670
2 changed files with 28 additions and 3 deletions
--- a/app/Http/Controllers/WebhookController.php
+++ b/app/Http/Controllers/WebhookController.php
@ -12,10 +12,8 @@ use Log;
 class WebhookController extends Controller
 {

-    protected $middleware = [];
-
    /**
-     * 
+     *
     */
    public function sendgrid()
    {
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@ -12,6 +12,15 @@ use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
 class VerifyCsrfToken extends BaseVerifier
 {

+    /**
+     * Routes we want to exclude.
+     *
+     * @var array
+     */
+    protected $routes = [
+        'hook/sendgrid',
+    ];
+
    /**
     * Handle an incoming request.
     *
@ -22,7 +31,25 @@ class VerifyCsrfToken extends BaseVerifier
     */
    public function handle($request, Closure $next)
    {
+        if($this->excludedRoutes($request)) {
+            return $next($request);
+        }
        return parent::handle($request, $next);
    }

+    /**
+     * This will return a bool value based on route checking.
+
+     * @param  Request $request
+     * @return boolean
+     */
+    protected function excludedRoutes($request)
+    {
+        foreach($this->routes as $route)
+            if ($request->is($route))
+                return true;
+
+        return false;
+    }
+
 }