Ɛɔıs3
Reputation: 7851
Disable CSRF TokenMismatch for specific routes on Lumen
I'm using Lumen Framework.
I have an external program who send a HTTP POST request every 2 minutes.
I don't need any views, so I would like to understand how disable CSRF TokenMismatch in Lumen for specific routes (I need it to be activated on some others) ?
Upvotes: 1
Views: 1897
Answers (1)
Alex
Reputation: 4774
You could extend the VerifyCsrfToken class and add your routes to the excludes list.
Add this file called VerifyCsrfToken.php to app/Http/Middleware:
<?php namespace App\Http\Middleware;
use Closure;
use Illuminate\Session\TokenMismatchException;
class VerifyCsrfToken extends \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken {
protected $except_urls = [
// your excluded URLs go here
'example/route',
];
public function handle($request, Closure $next)
{
$regex = '#' . implode('|', $this->except_urls) . '#';
if ($this->isReading($request) || $this->tokensMatch($request) || preg_match($regex, $request->path()))
{
return $this->addCookieToResponse($request, $next($request));
}
throw new TokenMismatchException;
}
}
Then add the Middleware to the bootstrap/app.php file. You have to uncomment $app->middleware() then add it to it like this:
$app->routeMiddleware([
'csrf' => 'Laravel\Lumen\Http\Middleware\VerifyCsrfToken',
]);
Upvotes: 3
Related Questions
- Turn on CSRF protection for a group of GET routes in Laravel
- Lumen Enable CSRF Token
- disable csrf in laravel for specific route
- Remove csrf token only for single method - Laravel
- Laravel 5.4: Exclude a route with parameters from CSRF verification
- How to disable csrf token for some url in Laravel 4
- TokenMismatchException , despite excluding route
- Laravel 5.2 disable csrf_token
- Laravel disable csrf_token for single route
- Laravel 5 disable and excluding CSRF for single route