mirror of
https://github.com/Poniverse/Pony.fm.git
synced 2024-11-23 13:37:59 +01:00
28 lines
615 B
PHP
28 lines
615 B
PHP
<?php
|
|
|
|
namespace Poniverse\Ponyfm\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Session\TokenMismatchException;
|
|
use Session;
|
|
|
|
class VerifyCsrfHeader
|
|
{
|
|
|
|
/**
|
|
* Handle an incoming request.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure $next
|
|
* @return mixed
|
|
* @throws TokenMismatchException
|
|
*/
|
|
public function handle($request, Closure $next)
|
|
{
|
|
if (Session::token() != $request->input('_token') && Session::token() != $request->header('X-Token')) {
|
|
throw new TokenMismatchException;
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|