問題描述
我有一個支付系統,數據被提交到第 3 方網站然后被拖回......
I've a payment system, where data is submitted to 3rd party site and than hauled back...
當數據返回時,它會訪問特定的 url,讓我們說/ok 路由.$_REQUEST['transaction'].
When data returns it hits specific url lets say /ok route. $_REQUEST['transaction'].
但是由于 Laravel 中間件,我的令牌不匹配.第三方支付 API 無法生成令牌,那么我如何禁用它?只針對這條路線?
But because of laravel middleware I'm getting token mismatch. There is no way 3rd party payment API can generate token, so how I disable it? only for this route?
或者有更好的選擇嗎?
Route::get('/payment/ok', 'TransactionsController@Ok');
Route::get('/payment/fail', 'TransactionsController@Fail');
public function Ok( Request $request )
{
$transId = $request->get('trans_id');
if ( isset( $transId ) )
{
return $transId;
}
}
推薦答案
從 5.1 版本開始,Laravel 的 VerifyCsrfToken 中間件允許指定從 CSRF 驗證中排除的路由.為了實現這一點,您需要將路由添加到 AppHttpMiddlewareVerifyCsrfToken.php 類中的 $except 數組:
Since version 5.1 Laravel's VerifyCsrfToken middleware allows to specify routes, that are excluded from CSRF validation. In order to achieve that, you need to add the routes to $except array in your AppHttpMiddlewareVerifyCsrfToken.php class:
<?php namespace AppHttpMiddleware;
use IlluminateFoundationHttpMiddlewareVerifyCsrfToken as BaseVerifier;
class VerifyCsrfToken extends BaseVerifier
{
protected $except = [
'payment/*',
];
}
有關詳細信息,請參閱文檔.
See the docs for more information.
這篇關于在 laravel 中為特定路由禁用 csrf的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!