File "CsrfMiddleware.php"
Full path: C:/Inetpub/vhosts/drshti.com/httpdocs/wp-content/plugins/depicter/vendor/averta/wpemerge/src/Csrf/CsrfMiddleware.php
File
size: 1.21 B
MIME-type: text/x-php
Charset: utf-8
Download Open Edit Advanced Editor &nnbsp; Back
<?php
/**
* @package WPEmerge
* @author Atanas Angelov <hi@atanas.dev>
* @copyright 2017-2019 Atanas Angelov
* @license https://www.gnu.org/licenses/gpl-2.0.html GPL-2.0
* @link https://wpemerge.com/
*/
namespace WPEmerge\Csrf;
use Closure;
use Psr\Http\Message\ResponseInterface;
use WPEmerge\Requests\RequestInterface;
/**
* Store current request data and clear old request data
*/
class CsrfMiddleware {
/**
* CSRF service.
*
* @var Csrf
*/
protected $csrf = null;
/**
* Constructor.
*
* @param Csrf $csrf
*/
public function __construct( $csrf ) {
$this->csrf = $csrf;
}
/**
* Reject requests that fail nonce validation.
*
* @param RequestInterface $request
* @param Closure $next
* @param mixed $action
* @return ResponseInterface
* @throws InvalidCsrfTokenException
*/
public function handle( RequestInterface $request, Closure $next, $action = -1 ) {
if ( ! $request->isReadVerb() ) {
$token = $this->csrf->getTokenFromRequest( $request );
if ( ! $this->csrf->isValidToken( $token, $action ) ) {
throw new InvalidCsrfTokenException();
}
}
$this->csrf->generateToken( $action );
return $next( $request );
}
}