protected tokensMatch ( Illuminate\Http\Request $request ) : boolean | ||
$request | Illuminate\Http\Request | |
return | boolean |
protected function tokensMatch($request)
{
$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
$token = $this->encrypter->decrypt($header);
}
return StringUtils::equals($request->session()->token(), $token);
}