Added csrf middleware

author: Igor Scheller <igor.scheller@igorshp.de> 2018-09-03 15:33:13 +0100
committer: msquare <msquare@notrademark.de> 2018-11-21 19:24:36 +0100
commit: 23c0fae36fb8159bcf8b95bae98555201146457e (patch)
tree: 6a169114a47391adb1da701f630bb27d73e925d2 /resources/views
parent: 8236989be066c51c5f57884bcc42dbc387794651 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/resources/views/errors/419.twig b/resources/views/errors/419.twig
new file mode 100644
index 00000000..dcfec022
--- /dev/null
+++ b/resources/views/errors/419.twig
@@ -0,0 +1,7 @@
+{% extends "errors/default.twig" %}
+
+{% block title %}{{ __("Authentication expired") }}{% endblock %}
+
+{% block content %}
+    <div class="alert alert-warning">{{ __("The provided CSRF token is invalid or has expired") }}</div>
+{% endblock %}
diff --git a/resources/views/layouts/app.twig b/resources/views/layouts/app.twig
index fcbcc665..dc02e3ed 100644
--- a/resources/views/layouts/app.twig
+++ b/resources/views/layouts/app.twig
@@ -7,6 +7,7 @@
 
         <meta charset="UTF-8"/>
         <meta name="viewport" content="width=device-width, initial-scale=1">
+        <meta name="csrf-token" content="{{ csrf_token() }}">
 
         <link rel="stylesheet" type="text/css" href="{{ asset('assets/theme' ~ theme ~ '.css') }}"/>
         <script type="text/javascript" src="{{ asset('assets/vendor.js') }}"></script>
author	Igor Scheller <igor.scheller@igorshp.de>	2018-09-03 15:33:13 +0100
committer	msquare <msquare@notrademark.de>	2018-11-21 19:24:36 +0100
commit	23c0fae36fb8159bcf8b95bae98555201146457e (patch)
tree	6a169114a47391adb1da701f630bb27d73e925d2 /resources/views
parent	8236989be066c51c5f57884bcc42dbc387794651 (diff)