public function preProcess(Http\Response $response, Http\Request $request)
{
if (Edge::app()->user()->isGuest()) {
if ($request->is("GET")) {
Edge::app()->session->redirectUrl = $request->getRequestUrl();
}
if ($request->isAjax()) {
throw new Unauthorized("Unauthorized access");
}
$response->redirect($this->url);
}
}
public function preProcess(Http\Response $response, Http\Request $request)
{
if (!$request->is('GET')) {
$tokenName = $this->tokenName;
$body = $request->getParams();
if (!isset($body[$tokenName])) {
throw new BadRequest("The body does not contain a CSRF token");
}
if ($body[$tokenName] != $request->getCsrfToken()) {
throw new BadRequest("The specified CSRF token is not valid");
}
return true;
}
}
