Pony.fm/app/Http/Middleware/VerifyCsrfHeader.php

<?php

namespace Poniverse\Ponyfm\Http\Middleware;

use Closure;
use Illuminate\Session\TokenMismatchException;
use Session;

class VerifyCsrfHeader
{

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     * @return mixed
     * @throws TokenMismatchException
     */
    public function handle($request, Closure $next)
    {
        if (Session::token() != $request->input('_token') && Session::token() != $request->header('X-Token')) {
            throw new TokenMismatchException;
        }

        return $next($request);
    }
}
Add middleware 2015-09-06 17:57:20 +02:00			`<?php`

Updated Pony.fm's PHP namespace to Poniverse\Ponyfm. 2015-10-24 03:22:14 +02:00			`namespace Poniverse\Ponyfm\Http\Middleware;`
Add middleware 2015-09-06 17:57:20 +02:00
			`use Closure;`
			`use Illuminate\Session\TokenMismatchException;`
			`use Session;`

			`class VerifyCsrfHeader`
			`{`

			`/**`
			`* Handle an incoming request.`
			`*`
			`* @param \Illuminate\Http\Request $request`
			`* @param \Closure $next`
			`* @return mixed`
			`* @throws TokenMismatchException`
			`*/`
			`public function handle($request, Closure $next)`
			`{`
			`if (Session::token() != $request->input('_token') && Session::token() != $request->header('X-Token')) {`
			`throw new TokenMismatchException;`
			`}`

			`return $next($request);`
			`}`
			`}`