mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2024-11-30 12:43:57 -06:00
CSRF middleware separated.
This commit is contained in:
parent
ff9146ab91
commit
8823666aa9
@ -1,57 +1,17 @@
|
||||
<?php
|
||||
/**
|
||||
* VerifyCsrfToken.php
|
||||
* Copyright (C) 2016 thegrumpydictator@gmail.com
|
||||
*
|
||||
* This software may be modified and distributed under the terms of the
|
||||
* Creative Commons Attribution-ShareAlike 4.0 International License.
|
||||
*
|
||||
* See the LICENSE file for details.
|
||||
*/
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace FireflyIII\Http\Middleware;
|
||||
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
|
||||
use Symfony\Component\HttpFoundation\Cookie;
|
||||
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
|
||||
|
||||
/**
|
||||
* Class VerifyCsrfToken
|
||||
*
|
||||
* @package FireflyIII\Http\Middleware
|
||||
*/
|
||||
class VerifyCsrfToken extends BaseVerifier
|
||||
class VerifyCsrfToken extends Middleware
|
||||
{
|
||||
/**
|
||||
* The URIs that should be excluded from CSRF verification.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $except
|
||||
= [
|
||||
//
|
||||
];
|
||||
|
||||
/**
|
||||
* Add the CSRF token to the response cookies.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Symfony\Component\HttpFoundation\Response $response
|
||||
*
|
||||
* @return \Symfony\Component\HttpFoundation\Response
|
||||
*/
|
||||
protected function addCookieToResponse($request, $response)
|
||||
{
|
||||
$config = config('session');
|
||||
|
||||
$response->headers->setCookie(
|
||||
new Cookie(
|
||||
'XSRF-TOKEN', $request->session()->token(), Carbon::now()->getTimestamp() + 60 * $config['lifetime'],
|
||||
$config['path'], $config['domain'], $config['secure'], true
|
||||
)
|
||||
);
|
||||
|
||||
return $response;
|
||||
}
|
||||
protected $except = [
|
||||
//
|
||||
];
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user