summaryrefslogtreecommitdiff
path: root/app/Http/Middleware/CheckCsrf.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Http/Middleware/CheckCsrf.php')
-rw-r--r--app/Http/Middleware/CheckCsrf.php34
1 files changed, 18 insertions, 16 deletions
diff --git a/app/Http/Middleware/CheckCsrf.php b/app/Http/Middleware/CheckCsrf.php
index 07a33dfe48..313c381cb9 100644
--- a/app/Http/Middleware/CheckCsrf.php
+++ b/app/Http/Middleware/CheckCsrf.php
@@ -27,22 +27,24 @@ use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
/**
* Middleware to wrap a request in a transaction.
*/
-class CheckCsrf implements MiddlewareInterface {
- /**
- * @param Request $request
- * @param Closure $next
- *
- * @return Response
- * @throws AccessDeniedHttpException
- */
- public function handle(Request $request, Closure $next): Response {
- $client_token = $request->get('csrf', $request->headers->get('X_CSRF_TOKEN'));
- $session_token = Session::get('CSRF_TOKEN');
+class CheckCsrf implements MiddlewareInterface
+{
+ /**
+ * @param Request $request
+ * @param Closure $next
+ *
+ * @return Response
+ * @throws AccessDeniedHttpException
+ */
+ public function handle(Request $request, Closure $next): Response
+ {
+ $client_token = $request->get('csrf', $request->headers->get('X_CSRF_TOKEN'));
+ $session_token = Session::get('CSRF_TOKEN');
- if ($client_token !== $session_token) {
- throw new AccessDeniedHttpException(I18N::translate('This form has expired. Try again.'));
- }
+ if ($client_token !== $session_token) {
+ throw new AccessDeniedHttpException(I18N::translate('This form has expired. Try again.'));
+ }
- return $next($request);
- }
+ return $next($request);
+ }
}