Merge pull request #10 from skipperbent/development

Development

README.md

@@ -33,7 +33,7 @@ Add the latest version pf Simple PHP Router to your ```composer.json```
 
 - Global Constraints
 - Sub-Domain Routing
-- Optional/required parameters
+- Required parameters
 
 ## Initialising the router
 
@@ -269,4 +269,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+SOFTWARE.

src/Pecee/Exception/TokenMismatchException.php

@@ -0,0 +1,4 @@
+<?php
+namespace Pecee\Exception;
+
+class TokenMismatchException extends \Exception {}

src/Pecee/Http/Middleware/BaseCsrfVerifier.php

@@ -1,10 +1,9 @@
 <?php
-
 namespace Pecee\Http\Middleware;
 
 use Pecee\CsrfToken;
+use Pecee\Exception\TokenMismatchException;
 use Pecee\Http\Request;
-use Pecee\SimpleRouter\RouterException;
 
 class BaseCsrfVerifier extends Middleware {
 
@@ -12,6 +11,12 @@ class BaseCsrfVerifier extends Middleware {
     const HEADER_KEY = 'X-CSRF-TOKEN';
 
     protected $except;
+    protected $csrfToken;
+
+
+    public function __construct() {
+        $this->csrfToken = new CsrfToken();
+    }
 
     /**
      * Check if the url matches the urls in the except property
@@ -52,9 +57,8 @@ class BaseCsrfVerifier extends Middleware {
                 $token = $request->getHeader(self::HEADER_KEY);
             }
 
-            $tokenValidator = new CsrfToken();
+            if( !$this->csrfToken->validate( $token ) ) {
-            if( !$tokenValidator->validate( $token ) ) {
+                throw new TokenMismatchException('Invalid csrf-token.');
-                throw new RouterException('Invalid csrf-token.');
             }
 
         }