/**
* Add the CSRF token to the response cookies.
*
* @param \Illuminate\Http\Request $request
* @param \Illuminate\Http\Response $response
* @return \Illuminate\Http\Response
*/
protected function addCookieToResponse($request, $response)
{
if ('array' !== config('session.driver')) {
return parent::addCookieToResponse($request, $response);
}
return $response;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$skip = array('login');
foreach ($skip as $key => $route) {
//skip csrf check on route
if ($request->is($route)) {
return parent::addCookieToResponse($request, $next($request));
}
}
return parent::handle($request, $next);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
// Only enable CSRF on these routes:
$enable_for = [];
foreach ($enable_for as $route) {
if ($request->is($route)) {
return parent::handle($request, $next);
}
}
return parent::addCookieToResponse($request, $next($request));
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//tsipizic we skip saml2 functions. NO csrf token here
$skip = array('saml2/acs');
foreach ($skip as $key => $route) {
//skip csrf check on route
if ($request->is($route)) {
return parent::addCookieToResponse($request, $next($request));
}
}
return parent::handle($request, $next);
}
