diff options
Diffstat (limited to 'src/Middleware')
-rw-r--r-- | src/Middleware/VerifyCsrfToken.php | 13 |
1 files changed, 2 insertions, 11 deletions
diff --git a/src/Middleware/VerifyCsrfToken.php b/src/Middleware/VerifyCsrfToken.php index cc0c1fbc..0623fa72 100644 --- a/src/Middleware/VerifyCsrfToken.php +++ b/src/Middleware/VerifyCsrfToken.php @@ -2,6 +2,7 @@ namespace Engelsystem\Middleware; +use Engelsystem\Http\Exceptions\HttpAuthExpired; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\MiddlewareInterface; @@ -37,7 +38,7 @@ class VerifyCsrfToken implements MiddlewareInterface return $handler->handle($request); } - return $this->notAuthorizedResponse(); + throw new HttpAuthExpired('Authentication Token Mismatch'); } /** @@ -77,14 +78,4 @@ class VerifyCsrfToken implements MiddlewareInterface && is_string($sessionToken) && hash_equals($sessionToken, $token); } - - /** - * @return ResponseInterface - * @codeCoverageIgnore - */ - protected function notAuthorizedResponse(): ResponseInterface - { - // The 419 code is used as "Page Expired" to differentiate from a 401 (not authorized) - return response()->withStatus(419, 'Authentication Token Mismatch'); - } } |