問題描述

我正在使用 Laravel 5 開發應用程序.我的應用程序與 VendHQ API 連接，我打算通過他們的 webhook 從 VendHQ 獲取一些數據.根據他們的文檔

I am using Laravel 5 for developing an app. My app is connected with VendHQ API and I am intended to get some data from VendHQ through their webhook. As per their Documentation

當一個事件發生并觸發一個 webhook 時，我們將發送一個 POST請求到您選擇的 URL.POST 請求將在UTF-8 字符集和 application/x-www-form-urlencoded 編碼.

When an event happens and triggers a webhook, we’ll send a POST request to a URL of your choosing. The POST request will be in the UTF-8 charset, and application/x-www-form-urlencoded encoding.

問題是，當他們嘗試向我的 Laravel 應用程序發送 POST 請求時，他們的發布請求中沒有添加 CSRF 令牌，并且 VerifyCsrfToken 中間件正在尋找令牌，最后它拋出一個 <代碼>TokenMismatchException.

The problem is, when they try to send a POST request to my Laravel app, no CSRF Token is added in their post request and VerifyCsrfToken middleware is looking for a token and finally it throws a TokenMismatchException.

我的問題是，如何在保持其他發布請求處于活動狀態的同時避免某些特定路由的默認 VerifyCsrfToken 中間件?

My question is, how can I avoid this default VerifyCsrfToken Middleware for some specific routes while keeping other post requests active?

推薦答案

Laravel 5 中所有路由默認開啟 CSRF，你可以通過修改 app/Http/Middleware/VerifyCsrfToken.php 為特定路由禁用它

CSRF is enabled by default on all Routes in Laravel 5, you can disable it for specific routes by modifying app/Http/Middleware/VerifyCsrfToken.php

//app/Http/Middleware/VerifyCsrfToken.php

//add an array of Routes to skip CSRF check
private $openRoutes = ['free/route', 'free/too'];

//modify this function
public function handle($request, Closure $next)
    {
        //add this condition 
    foreach($this->openRoutes as $route) {

      if ($request->is($route)) {
        return $next($request);
      }
    }

    return parent::handle($request, $next);
  }

來源

這篇關于在 Laravel 5 中，如何禁用特定路由的 VerifycsrfToken 中間件?的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！