From 8823666aa92d222ccf24f3644631df4450140030 Mon Sep 17 00:00:00 2001
From: James Cole <thegrumpydictator@gmail.com>
Date: Sat, 9 Sep 2017 22:03:54 +0200
Subject: [PATCH] CSRF middleware separated.

---
 app/Http/Middleware/VerifyCsrfToken.php | 50 +++----------------------
 1 file changed, 5 insertions(+), 45 deletions(-)

diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 98ded14137..0ac15cddd2 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -1,57 +1,17 @@
 <?php
-/**
- * VerifyCsrfToken.php
- * Copyright (C) 2016 thegrumpydictator@gmail.com
- *
- * This software may be modified and distributed under the terms of the
- * Creative Commons Attribution-ShareAlike 4.0 International License.
- *
- * See the LICENSE file for details.
- */
-declare(strict_types=1);
 
 namespace FireflyIII\Http\Middleware;
 
-use Carbon\Carbon;
-use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
-use Symfony\Component\HttpFoundation\Cookie;
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 
-/**
- * Class VerifyCsrfToken
- *
- * @package FireflyIII\Http\Middleware
- */
-class VerifyCsrfToken extends BaseVerifier
+class VerifyCsrfToken extends Middleware
 {
     /**
      * The URIs that should be excluded from CSRF verification.
      *
      * @var array
      */
-    protected $except
-        = [
-            //
-        ];
-
-    /**
-     * Add the CSRF token to the response cookies.
-     *
-     * @param  \Illuminate\Http\Request                   $request
-     * @param  \Symfony\Component\HttpFoundation\Response $response
-     *
-     * @return \Symfony\Component\HttpFoundation\Response
-     */
-    protected function addCookieToResponse($request, $response)
-    {
-        $config = config('session');
-
-        $response->headers->setCookie(
-            new Cookie(
-                'XSRF-TOKEN', $request->session()->token(), Carbon::now()->getTimestamp() + 60 * $config['lifetime'],
-                $config['path'], $config['domain'], $config['secure'], true
-            )
-        );
-
-        return $response;
-    }
+    protected $except = [
+        //
+    ];
 }