5的软件包中从CSRF保护中排除路由

5的软件包中从CSRF保护中排除路由

本文介绍了有没有办法在Laravel 5的软件包中从CSRF保护中排除路由?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我知道VerifyCsrfToken中间件(app/Http/Middleware/VerifyCsrfToken.php)的$except属性,但是我正在寻找一种从我的程序包中执行类似操作的方法(因此,安装它的用户不必修改他们的VerifyCsrfToken.php作为我上班的路线.

I am aware of the $except property of the VerifyCsrfToken middleware (app/Http/Middleware/VerifyCsrfToken.php) but I am looking for a way to do something similar from my package (so the users who install it don't have to modify their VerifyCsrfToken.php for my route to work).

我能够在包中定义路由,但是我不知道如何从默认中间件中排除其中的一个(或多个)路由.我尝试在自己的软件包上扩展Illuminate\Foundation\Http\Middleware\VerifyCsrfToken,但没有运气.

I am able to define routes on my package but I have no idea how to exclude one (or more) of them from the default middleware. I have tried extending Illuminate\Foundation\Http\Middleware\VerifyCsrfToken on my own package with no luck.

推荐答案

不,没有.当在app/Http/Kernel.php类的$middleware属性中提供中间件时,始终会执行中间件.

No, there is not. Middleware is always executed when provided in the $middleware property of your app/Http/Kernel.php class.

这是一件好事.您想让开发人员完全控制他们是否要在其应用程序中启用安全检查.

This is a good thing. You want to give the developers full control on whether or not they want to enable security checks in their application.

如果您确实在路由上需要一个例外,则可以简单地要求将例外手动添加到VerifyCsrfToken类中.

If you really need an exception on the route, you can simply ask to manually add the exception to the VerifyCsrfToken class.

据我所知,服务容器绝对不能访问VerifyCsrfToken类中的$except数组.即使您找到创建中间件实例的方法,内核也将创建中间件类的新实例.由于例外列表不是静态列表,因此无法更改.

The $exceptarray in the VerifyCsrfToken class is in no way accessible by the Service Container as far as I know. Even if you could find a way to create an instance of the middleware, the Kernel will just create a new instance of the middleware classes. Because the list of exceptions isn't static, it is impossible to change this.

这篇关于有没有办法在Laravel 5的软件包中从CSRF保护中排除路由?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-28 03:51