How to turn off csrf in laravel

Method: 1. Open the "Kernel.php" file under the app, find and comment out the "App\Http\Middleware\VerifyCsrfToken" code. 2. Open the "VerifyCsrfToken.PHP" file under the app and modify the "$except" attribute.

The operating environment of this tutorial: Windows 7 system, Laravel 5 version, DELL G3 computer.

If you use laravel, you will know the csrf verification function. If there is no csrf_token when posting a value, the following error will be reported:

This This is because in versions after 5.2, web middleware will be added to the routing by default.

There is the following configuration in the app/Http/Kernel.php file:

Close all

At this point, everyone must know How to turn off this verification. Justcomment out the line of code marked in the picture above, which will turn off the csrf verification, but this will turn off everything.

---

Partially closed

When we write the interface, we will encounter such a problem: because csrf_token cannot be passed through the interface (csrf_token is generated in laravel), we I just want to turn off CSRF verification when making API requests, and the background of the website will not be turned off.

This requires modifying the app\Http\Middleware\VerifyCsrfToken.php file.

There is an attribute $except in the file. You can set which routes do not require csrf verification. What I want is as follows Routes starting with api do not perform CSRF verification. You only need to add 'api/*'.

This way I visit http://***/laravel/public /api/index will not report an error.

Related recommendations: The latest five Laravel video tutorials

The above is the detailed content of How to turn off csrf in laravel. For more information, please follow other related articles on the PHP Chinese website!