Development

- Ensure that request-method is always lowercase.
- Fixed spaces instead of tabs to comply with PSR-2.

src/Pecee/Http/Middleware/BaseCsrfVerifier.php

@@ -8,92 +8,93 @@ use Pecee\SimpleRouter\Route\ILoadableRoute;
 
 class BaseCsrfVerifier implements IMiddleware
 {
-	const POST_KEY = 'csrf-token';
-	const HEADER_KEY = 'X-CSRF-TOKEN';
+    const POST_KEY = 'csrf-token';
+    const HEADER_KEY = 'X-CSRF-TOKEN';
 
-	protected $except;
-	protected $csrfToken;
-	protected $token;
+    protected $except;
+    protected $csrfToken;
+    protected $token;
 
-	public function __construct()
-	{
-		$this->csrfToken = new CsrfToken();
+    public function __construct()
+    {
+        $this->csrfToken = new CsrfToken();
 
-		// Generate or get the CSRF-Token from Cookie.
-		$this->token = ($this->hasToken() === false) ? $this->generateToken() : $this->csrfToken->getToken();
-	}
+        // Generate or get the CSRF-Token from Cookie.
+        $this->token = ($this->hasToken() === false) ? $this->generateToken() : $this->csrfToken->getToken();
+    }
 
-	/**
-	 * Check if the url matches the urls in the except property
-	 * @param Request $request
-	 * @return bool
-	 */
-	protected function skip(Request $request)
-	{
-		if ($this->except === null || is_array($this->except) === false) {
-			return false;
-		}
+    /**
+     * Check if the url matches the urls in the except property
+     * @param Request $request
+     * @return bool
+     */
+    protected function skip(Request $request)
+    {
+        if ($this->except === null || is_array($this->except) === false) {
+            return false;
+        }
 
-		$max = count($this->except) - 1;
+        $max = count($this->except) - 1;
 
-		for ($i = $max; $i >= 0; $i--) {
-			$url = $this->except[$i];
+        for ($i = $max; $i >= 0; $i--) {
+            $url = $this->except[$i];
 
-			$url = rtrim($url, '/');
-			if ($url[strlen($url) - 1] === '*') {
-				$url = rtrim($url, '*');
-				$skip = (stripos($request->getUri(), $url) === 0);
-			} else {
-				$skip = ($url === rtrim($request->getUri(), '/'));
-			}
+            $url = rtrim($url, '/');
+            if ($url[strlen($url) - 1] === '*') {
+                $url = rtrim($url, '*');
+                $skip = (stripos($request->getUri(), $url) === 0);
+            } else {
+                $skip = ($url === rtrim($request->getUri(), '/'));
+            }
 
-			if ($skip === true) {
-				return true;
-			}
-		}
+            if ($skip === true) {
+                return true;
+            }
+        }
 
-		return false;
-	}
+        return false;
+    }
 
-	public function handle(Request $request, ILoadableRoute &$route = null)
-	{
+    public function handle(Request $request, ILoadableRoute &$route = null)
+    {
 
-		if (in_array($request->getMethod(), ['post', 'put', 'delete']) === true && $this->skip($request) === false) {
+        if (in_array($request->getMethod(), ['post', 'put', 'delete']) === true && $this->skip($request) === false) {
 
-			$token = $request->getInput()->get(static::POST_KEY, null, 'post');
+            $token = $request->getInput()->get(static::POST_KEY, null, 'post');
 
-			// If the token is not posted, check headers for valid x-csrf-token
-			if ($token === null) {
-				$token = $request->getHeader(static::HEADER_KEY);
-			}
+            // If the token is not posted, check headers for valid x-csrf-token
+            if ($token === null) {
+                $token = $request->getHeader(static::HEADER_KEY);
+            }
 
-			if ($this->csrfToken->validate($token) === false) {
-				throw new TokenMismatchException('Invalid csrf-token.');
-			}
+            if ($this->csrfToken->validate($token) === false) {
+                throw new TokenMismatchException('Invalid csrf-token.');
+            }
 
-		}
+        }
 
-	}
+    }
 
-	public function generateToken()
-	{
-		$token = $this->csrfToken->generateToken();
-		$this->csrfToken->setToken($token);
-		return $token;
-	}
+    public function generateToken()
+    {
+        $token = $this->csrfToken->generateToken();
+        $this->csrfToken->setToken($token);
 
-	public function hasToken()
-	{
-		if ($this->token != null) {
-			return true;
-		}
+        return $token;
+    }
 
-		return $this->csrfToken->hasToken();
-	}
+    public function hasToken()
+    {
+        if ($this->token != null) {
+            return true;
+        }
 
-	public function getToken()
-	{
-		return $this->token;
-	}
+        return $this->csrfToken->hasToken();
+    }
+
+    public function getToken()
+    {
+        return $this->token;
+    }
 
 }