New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[13.x] Always validate auth token #1769

Merged

taylorotwell merged 2 commits into laravel:13.x from hafezdivandari:13-x-fix-auth-request

Jul 5, 2024

Contributor

hafezdivandari commented Jul 5, 2024 •

edited

Loading

The auth_token was validated only if present on the request, this PR does:

Make sure the auth_token is present and filled.
Merges assertValidAuthToken() method into getAuthRequestFromSession() method, we always validating the auth request from session before retrieving.
Pull the values from session (get and forget at the same time) to not be misused on the future requests.

hafezdivandari added 2 commits

July 5, 2024 16:52


          fix trait

a8fbe98


          fix tests

f429dc2

taylorotwell merged commit 0ee1d8b into laravel:13.x

9 checks passed

hafezdivandari deleted the 13-x-fix-auth-request branch

July 5, 2024 17:28

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet