I am using restful controllers. I need to run some filters like auth and custom permissions on them. So I put them in a route group and set filters on that group. In addition I also want to run csrf filter but only on post requests. How to do this in the route group?
Added code for clarification
Route::group(array('before' => 'auth|allowed|csrf'), function() {
Route::controller('controller', 'SomeController');
Route::controller('othercontroller', 'OtherController');
});
I want the csrf only on post routes. I really don't want to add a filter on every controller (there are quite a few);
OK. I solved it i guess. I checked whether the request was post or not. Don't know whether this is bad practice. I changed the csrf filter in filter.php to
Route::filter('csrf', function()
{
if (Request::getMethod() == 'POST' && Session::token() != Input::get('_token'))
{
throw new Illuminate\Session\TokenMismatchException;
}
});
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments