1. Forum
  2. Modules
  3. Where to Add CSRF Exception?
Login Register
  1. Forum
  2. Modules
  3. Where to Add CSRF Exception?
Where to Add CSRF Exception?
Created 7 years ago by mattcdavis1

I see that there is a portion of code that provides addons access to middleware:

// Let addons manipulate middleware first.
foreach (app('Anomaly\Streams\Platform\Http\Middleware\MiddlewareCollection') as $middleware) {
    $this->middleware($middleware);
}

I'm just not sure how to go about implement this to add a csrf route exception. Can someone provide an example of adding an $except route to csrf middleware from a module?

dali  —  7 years ago

I am also interested in this.. I ended up duplicating the construct of BaseController and remove the VerifyCsrfToken middleware for my Api Controllers

Link
mattcdavis1  —  7 years ago

Yeah - i ended up with a similar approach in my controller:

public function middleware($middleware, array $options = [])
{
    $excluded = [
        'Illuminate\Foundation\Http\Middleware\VerifyCsrfToken',
    ];

    if (!in_array($middleware, $excluded)) {
        return parent::middleware($middleware, $options);
    }
}
Link