問題描述

我有一個(gè)支付系統(tǒng)，數(shù)據(jù)被提交到第 3 方網(wǎng)站然后被拖回......

I've a payment system, where data is submitted to 3rd party site and than hauled back...

當(dāng)數(shù)據(jù)返回時(shí)，它會訪問特定的 url，讓我們說/ok 路由.$_REQUEST['transaction'].

When data returns it hits specific url lets say /ok route. $_REQUEST['transaction'].

但是由于 Laravel 中間件，我的令牌不匹配.第三方支付 API 無法生成令牌，那么我如何禁用它?只針對這條路線?

But because of laravel middleware I'm getting token mismatch. There is no way 3rd party payment API can generate token, so how I disable it? only for this route?

或者有更好的選擇嗎?

Route::get('/payment/ok',   'TransactionsController@Ok');
Route::get('/payment/fail', 'TransactionsController@Fail');

public function Ok( Request $request )
{
    $transId = $request->get('trans_id');

    if ( isset( $transId ) )
    {

        return $transId;

    }

}

推薦答案

從 5.1 版本開始，Laravel 的 VerifyCsrfToken 中間件允許指定從 CSRF 驗(yàn)證中排除的路由.為了實(shí)現(xiàn)這一點(diǎn)，您需要將路由添加到 AppHttpMiddlewareVerifyCsrfToken.php 類中的 $except 數(shù)組:

Since version 5.1 Laravel's VerifyCsrfToken middleware allows to specify routes, that are excluded from CSRF validation. In order to achieve that, you need to add the routes to $except array in your AppHttpMiddlewareVerifyCsrfToken.php class:

<?php namespace AppHttpMiddleware;

use IlluminateFoundationHttpMiddlewareVerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier
{
  protected $except = [
    'payment/*',
  ];
}

有關(guān)詳細(xì)信息，請參閱文檔.

See the docs for more information.

這篇關(guān)于在 laravel 中為特定路由禁用 csrf的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！