public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
if (Utils\Helpers::getMimeType($response) !== 'text/html') {
return $next($request, $response);
}
if (Utils\Helpers::isPost($request) && !$this->isValid($request)) {
return $response->withStatus(403);
}
$value = $this->encrypt(time());
$generator = function () use($value) {
return '<input type="hidden" name="' . $this->inputName . '" value="' . $value . '">';
};
if (!$this->autoInsert) {
$request = self::setAttribute($request, self::KEY_GENERATOR, $generator);
return $next($request, $response);
}
$response = $next($request, $response);
return $this->insertIntoPostForms($response, function ($match) use($generator) {
return $match[0] . $generator();
});
}