1. class
  2. Illuminate
  3. \
  4. Foundation
  5. \
  6. Http
  7. \
  8. Middleware
  9. \
  10. VerifyCsrfToken

VerifyCsrfToken

class VerifyCsrfToken (View source)

Traits

InteractsWithTime

Properties

protected Application $app

The application instance.
protected Encrypter $encrypter

The encrypter implementation.
protected array<int,string> $except

The URIs that should be excluded from CSRF verification.
protected bool $addHttpCookie

Indicates whether the XSRF-TOKEN cookie should be set on the response.

Methods

int
secondsUntil(DateTimeInterface|DateInterval|int $delay)

Get the number of seconds until the given DateTime.

from  InteractsWithTime
int
availableAt(DateTimeInterface|DateInterval|int $delay = 0)

Get the "available at" UNIX timestamp.

from  InteractsWithTime
DateTimeInterface|int
parseDateInterval(DateTimeInterface|DateInterval|int $delay)

If the given value is an interval, convert it to a DateTime instance.

from  InteractsWithTime
int
currentTime()

Get the current system time as a UNIX timestamp.

from  InteractsWithTime
void
__construct(Application $app, Encrypter $encrypter)

Create a new middleware instance.

mixed
handle(Request $request, Closure $next)

Handle an incoming request.

bool
isReading(Request $request)

Determine if the HTTP request uses a ‘read’ verb.

bool
runningUnitTests()

Determine if the application is running unit tests.

bool
inExceptArray(Request $request)

Determine if the request has a URI that should pass through CSRF verification.

bool
tokensMatch(Request $request)

Determine if the session and input CSRF tokens match.

string|null
getTokenFromRequest(Request $request)

Get the CSRF token from the request.

bool
shouldAddXsrfTokenCookie()

Determine if the cookie should be added to the response.

Response
addCookieToResponse(Request $request, Response $response)

Add the CSRF token to the response cookies.

Cookie
newCookie(Request $request, array $config)

Create a new "XSRF-TOKEN" cookie that contains the CSRF token.

static bool
serialized()

Determine if the cookie contents should be serialized.

Details

in InteractsWithTime at line 16
protected int secondsUntil(DateTimeInterface|DateInterval|int $delay)

Get the number of seconds until the given DateTime.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

int

in InteractsWithTime at line 31
protected int availableAt(DateTimeInterface|DateInterval|int $delay = 0)

Get the "available at" UNIX timestamp.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

int

in InteractsWithTime at line 46
protected DateTimeInterface|int parseDateInterval(DateTimeInterface|DateInterval|int $delay)

If the given value is an interval, convert it to a DateTime instance.

Parameters

DateTimeInterface|DateInterval|int $delay

Return Value

DateTimeInterface|int

in InteractsWithTime at line 60
protected int currentTime()

Get the current system time as a UNIX timestamp.

Return Value

int

at line 55
void __construct(Application $app, Encrypter $encrypter)

Create a new middleware instance.

Parameters

Application $app
Encrypter $encrypter

Return Value

void

at line 70
mixed handle(Request $request, Closure $next)

Handle an incoming request.

Parameters

Request $request
Closure $next

Return Value

mixed

Exceptions

TokenMismatchException

at line 94
protected bool isReading(Request $request)

Determine if the HTTP request uses a ‘read’ verb.

Parameters

Request $request

Return Value

bool

at line 104
protected bool runningUnitTests()

Determine if the application is running unit tests.

Return Value

bool

at line 115
protected bool inExceptArray(Request $request)

Determine if the request has a URI that should pass through CSRF verification.

Parameters

Request $request

Return Value

bool

at line 136
protected bool tokensMatch(Request $request)

Determine if the session and input CSRF tokens match.

Parameters

Request $request

Return Value

bool

at line 151
protected string|null getTokenFromRequest(Request $request)

Get the CSRF token from the request.

Parameters

Request $request

Return Value

string|null

at line 171
bool shouldAddXsrfTokenCookie()

Determine if the cookie should be added to the response.

Return Value

bool

at line 183
protected Response addCookieToResponse(Request $request, Response $response)

Add the CSRF token to the response cookies.

Parameters

Request $request
Response $response

Return Value

Response

at line 203
protected Cookie newCookie(Request $request, array $config)

Create a new "XSRF-TOKEN" cookie that contains the CSRF token.

Parameters

Request $request
array $config

Return Value

Cookie

at line 224
static bool serialized()

Determine if the cookie contents should be serialized.

Return Value

bool