diff --git a/src/CkEditor.php b/src/CkEditor.php
index 15bb119..d29e138 100644
--- a/src/CkEditor.php
+++ b/src/CkEditor.php
@@ -6,19 +6,20 @@
 use Illuminate\Contracts\Routing\UrlGenerator;
 use Illuminate\Contracts\View\Factory;
+use Illuminate\Session\Store;
 class CkEditor
 {
 private $view;
- private $url;
-
+ private $session;
 private $instanceCount = 0;
- public function __construct(Factory $view, UrlGenerator $url)
+ public function __construct(Factory $view, UrlGenerator $url, Store $session)
 {
 $this->view = $view;
 $this->url = $url;
+ $this->session = $session;
 }
 public function editor($name = null, $config = null)
@@ -31,8 +32,8 @@ public function editor($name = null, $config = null)
 private function config()
 {
 return [
- 'filebrowserImageUploadUrl' => $this->url->route('ckeditor.images.store'),
- 'uploadUrl' => $this->url->route('ckeditor.images.store', 'json'),
+ 'filebrowserImageUploadUrl' => $this->url->route('ckeditor.images.store', ['_token' => $this->session->token()]),
+ 'uploadUrl' => $this->url->route('ckeditor.images.store', ['json', '_token' => $this->session->token()]),
 'extraPlugins' => 'uploadimage'
 ];
 }
diff --git a/src/Http/Middleware/VerifyCsrfToken.php b/src/Http/Middleware/VerifyCsrfToken.php
deleted file mode 100644
index ba0d50a..0000000
--- a/src/Http/Middleware/VerifyCsrfToken.php
+++ /dev/null
@@ -1,34 +0,0 @@
-tokensMatch($request)) {
- throw new TokenMismatchException;
- }
-
- return $next($request);
- }
-
- private function tokensMatch(Request $request)
- {
- $cookieToken = $request->cookie('ckCsrfToken');
-
- $token = $request->input('ckCsrfToken');
-
- if (!is_string($cookieToken) || !is_string($token)) {
- return false;
- }
-
- return hash_equals($cookieToken, $token);
- }
-}
\ No newline at end of file
diff --git a/src/ServiceProvider.php b/src/ServiceProvider.php
index 54fd9b3..9342a48 100644
--- a/src/ServiceProvider.php
+++ b/src/ServiceProvider.php
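Review bot: The `private $url;` declaration is dropped from CkEditor while the constructor still runs `$this->url = $url;` and config() still calls `$this->url->route(...)`, so as far as this hunk shows `url` becomes an undeclared dynamic property (deprecated from PHP 8.2 and flagged by static analysis). Keep the declaration next to the new one: `private $url;` followed by `private $session;`. If the declaration survives somewhere in the class outside this hunk, disregard.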
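Review bot: Both upload URLs in config() now carry the session CSRF token as a `_token` query parameter, which places the secret in server and proxy access logs, browser history and any Referer header sent from the upload response; a request body field or header is the stronger carrier. For the XHR-driven `uploadUrl` the token can be sent as a header instead (CKEditor 4's `fileTools_requestHeaders`, if the bundled version supports it, paired with Laravel's `X-CSRF-TOKEN` header handling), leaving the query string only for the form-posted `filebrowserImageUploadUrl` where the browser submits the form itself. Whichever is kept, the array deserves a comment stating the choice, e.g. `// _token rides in the query string because the form-based upload cannot set headers; Laravel's VerifyCsrfToken reads it via $request->input('_token')`. Note also that the token is captured when the editor is rendered, so a page left open across a session regeneration will upload with a stale token and fail verification.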
@@ -54,7 +54,7 @@ private function registerRoutes(Router $router)
 $router->group([
 'prefix' => 'ckeditor',
 'as' => 'ckeditor.',
- 'middleware' => ['api', StartSession::class, 'auth', VerifyCsrfToken::class],
+ 'middleware' => ['web', 'auth'],
 'namespace' => __NAMESPACE__ . '\\Http\\Controllers'
 ], function (Router $router) {
diff --git a/tests/ImagesTest.php b/tests/ImagesTest.php
index ef3ed3b..dd5a539 100644
--- a/tests/ImagesTest.php
+++ b/tests/ImagesTest.php
@@ -33,19 +33,6 @@ public function testJsonUpload(UrlGenerator $urlGenerator)
 ]);
 }
- /**
- * @param UrlGenerator $urlGenerator
- * @expectedException \Illuminate\Session\TokenMismatchException
- */
- public function testCsrf(UrlGenerator $urlGenerator)
- {
- $this->actingAs(new User);
-
- $this->upload($urlGenerator->route('ckeditor.images.store', [
- 'CKEditorFuncNum' => 9
- ]), 0, false);
- }
-
 public function testAuth(UrlGenerator $urlGenerator)
 {
 $this->upload($urlGenerator->route('ckeditor.images.store', [
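Review bot: Swapping the package's own CSRF middleware for the `web` group makes CSRF verification on the upload route depend entirely on the host application's Kernel; an app that trims that group or lists `ckeditor/*` in its VerifyCsrfToken `$except` silently loses the check the package previously enforced itself. The changed line should record that dependency: `// 'web' must provide session + CSRF verification; the package no longer ships its own middleware`. Dropping `api` also removes whatever throttling that group typically supplies, which is worth stating in the changelog if intended. The testCsrf case deleted in tests/ImagesTest.php was the only coverage of a missing or mismatched token being rejected, so a replacement that posts to the route without `_token` under the `web` group and expects TokenMismatchException would keep that guarantee verifiable. registerRoutes begins and ends outside this hunk.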