From 63dfbb24af3e7d4bea6d96f818fc0991d3cd6c6b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20Sessing=C3=B8?= <simon.sessingoe@gmail.com>
Date: Thu, 22 Oct 2015 19:33:20 +0200
Subject: [PATCH] [BUGFIX] Bugfix

- Fixed csrf-token cookie not being set on some paths.
- Changed RouterException in BaseCsrfVerifier to TokenMismatchException.
---
 src/Pecee/Exception/TokenMismatchException.php |  4 ++++
 src/Pecee/Http/Middleware/BaseCsrfVerifier.php | 14 +++++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)
 create mode 100644 src/Pecee/Exception/TokenMismatchException.php

diff --git a/src/Pecee/Exception/TokenMismatchException.php b/src/Pecee/Exception/TokenMismatchException.php
new file mode 100644
index 0000000..0a45962
--- /dev/null
+++ b/src/Pecee/Exception/TokenMismatchException.php
@@ -0,0 +1,4 @@
+<?php
+namespace Pecee\Exception;
+
+class TokenMismatchException extends \Exception {}
\ No newline at end of file
diff --git a/src/Pecee/Http/Middleware/BaseCsrfVerifier.php b/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
index c3edcd1..33b0bed 100644
--- a/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
+++ b/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
@@ -1,10 +1,9 @@
 <?php
-
 namespace Pecee\Http\Middleware;
 
 use Pecee\CsrfToken;
+use Pecee\Exception\TokenMismatchException;
 use Pecee\Http\Request;
-use Pecee\SimpleRouter\RouterException;
 
 class BaseCsrfVerifier extends Middleware {
 
@@ -12,6 +11,12 @@ class BaseCsrfVerifier extends Middleware {
     const HEADER_KEY = 'X-CSRF-TOKEN';
 
     protected $except;
+    protected $csrfToken;
+
+
+    public function __construct() {
+        $this->csrfToken = new CsrfToken();
+    }
 
     /**
      * Check if the url matches the urls in the except property
@@ -52,9 +57,8 @@ class BaseCsrfVerifier extends Middleware {
                 $token = $request->getHeader(self::HEADER_KEY);
             }
 
-            $tokenValidator = new CsrfToken();
-            if( !$tokenValidator->validate( $token ) ) {
-                throw new RouterException('Invalid csrf-token.');
+            if( !$this->csrfToken->validate( $token ) ) {
+                throw new TokenMismatchException('Invalid csrf-token.');
             }
 
         }