IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Another try to fix csrf

Browse Source
This commit is contained in:
James Cole 2015-07-22 17:58:06 +02:00
parent 586c53e670
commit 774d4844a9
2 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/WebhookController.php
View File

@ -12,10 +12,8 @@ use Log;
class WebhookController extends Controller class WebhookController extends Controller
{ {
protected $middleware = [];
/** /**
* *
*/ */
public function sendgrid() public function sendgrid()
{ {

27
app/Http/Middleware/VerifyCsrfToken.php
View File

@ -12,6 +12,15 @@ use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
class VerifyCsrfToken extends BaseVerifier class VerifyCsrfToken extends BaseVerifier
{ {
/**
* Routes we want to exclude.
*
* @var array
*/
protected $routes = [
'hook/sendgrid',
];
/** /**
* Handle an incoming request. * Handle an incoming request.
* *
@ -22,7 +31,25 @@ class VerifyCsrfToken extends BaseVerifier
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if($this->excludedRoutes($request)) {
return $next($request);
}
return parent::handle($request, $next); return parent::handle($request, $next);
} }
/**
* This will return a bool value based on route checking.
* @param Request $request
* @return boolean
*/
protected function excludedRoutes($request)
{
foreach($this->routes as $route)
if ($request->is($route))
return true;
return false;
}
} }