class VerifyCsrfToken (View source)

Traits

Properties

protected Application $app

The application instance.

protected Encrypter $encrypter

The encrypter implementation.

protected array<int,string> $except

The URIs that should be excluded from CSRF verification.

protected bool $addHttpCookie

Indicates whether the XSRF-TOKEN cookie should be set on the response.

Methods

int
secondsUntil(DateTimeInterface|DateInterval|int $delay)

Get the number of seconds until the given DateTime.

int
availableAt(DateTimeInterface|DateInterval|int $delay = 0)

Get the "available at" UNIX timestamp.

parseDateInterval(DateTimeInterface|DateInterval|int $delay)

If the given value is an interval, convert it to a DateTime instance.

int
currentTime()

Get the current system time as a UNIX timestamp.

void
__construct(Application $app, Encrypter $encrypter)

Create a new middleware instance.

mixed
handle(Request $request, Closure $next)

Handle an incoming request.

bool
isReading(Request $request)

Determine if the HTTP request uses a ‘read’ verb.

bool
runningUnitTests()

Determine if the application is running unit tests.

bool
inExceptArray(Request $request)

Determine if the request has a URI that should pass through CSRF verification.

bool
tokensMatch(Request $request)

Determine if the session and input CSRF tokens match.

string|null
getTokenFromRequest(Request $request)

Get the CSRF token from the request.

bool
shouldAddXsrfTokenCookie()

Determine if the cookie should be added to the response.

Response
addCookieToResponse(Request $request, Response $response)

Add the CSRF token to the response cookies.

Cookie
newCookie(Request $request, array $config)

Create a new "XSRF-TOKEN" cookie that contains the CSRF token.

static bool
serialized()

Determine if the cookie contents should be serialized.

Details

protected int secondsUntil(DateTimeInterface|DateInterval|int $delay)

Get the number of seconds until the given DateTime.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

int

protected int availableAt(DateTimeInterface|DateInterval|int $delay = 0)

Get the "available at" UNIX timestamp.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

int

protected DateTimeInterface|int parseDateInterval(DateTimeInterface|DateInterval|int $delay)

If the given value is an interval, convert it to a DateTime instance.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

DateTimeInterface|int

protected int currentTime()

Get the current system time as a UNIX timestamp.

Return Value

int

void __construct(Application $app, Encrypter $encrypter)

Create a new middleware instance.

Parameters

Application $app
Encrypter $encrypter

Return Value

void

mixed handle(Request $request, Closure $next)

Handle an incoming request.

Parameters

Request $request
Closure $next

Return Value

mixed

Exceptions

TokenMismatchException

protected bool isReading(Request $request)

Determine if the HTTP request uses a ‘read’ verb.

Parameters

Request $request

Return Value

bool

protected bool runningUnitTests()

Determine if the application is running unit tests.

Return Value

bool

protected bool inExceptArray(Request $request)

Determine if the request has a URI that should pass through CSRF verification.

Parameters

Request $request

Return Value

bool

protected bool tokensMatch(Request $request)

Determine if the session and input CSRF tokens match.

Parameters

Request $request

Return Value

bool

protected string|null getTokenFromRequest(Request $request)

Get the CSRF token from the request.

Parameters

Request $request

Return Value

string|null

bool shouldAddXsrfTokenCookie()

Determine if the cookie should be added to the response.

Return Value

bool

protected Response addCookieToResponse(Request $request, Response $response)

Add the CSRF token to the response cookies.

Parameters

Request $request
Response $response

Return Value

Response

protected Cookie newCookie(Request $request, array $config)

Create a new "XSRF-TOKEN" cookie that contains the CSRF token.

Parameters

Request $request
array $config

Return Value

Cookie

static bool serialized()

Determine if the cookie contents should be serialized.

Return Value

bool