Fix csrf token while get payment status

2022-12-15 05:36:34 +01:00 · 2022-12-15 05:36:34 +01:00 · 51b26f9027
parent 6366c22e0f
commit 51b26f9027
4 changed files with 17 additions and 12 deletions
--- a/app/Http/Controllers/YoomeeV2Controller.php
+++ b/app/Http/Controllers/YoomeeV2Controller.php
@ -355,16 +355,16 @@ class YoomeeV2Controller extends Controller

        }

-        if ($transaction->state == PaymentTransactionState::ACCEPTED) {
-            return [
-                'message' => "Payment accepted",
-                'status' => 1,
-                'refresh' => 1,
-            ];
-        } else {
-            if($verify_btn){
-                return redirect()->route('checkout',['payment_token' => $transaction->payment_token]);
-            }else{
+        if($verify_btn){
+            return redirect()->route('checkout',['payment_token' => $transaction->payment_token]);
+        }else {
+            if ($transaction->state == PaymentTransactionState::ACCEPTED) {
+                return [
+                    'message' => "Payment accepted",
+                    'status' => 1,
+                    'refresh' => 1,
+                ];
+            } else {
                return [
                    'message' => "Payment failed",
                    'status' => 0
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@ -3,6 +3,7 @@
 namespace App\Http\Middleware;

 use Closure;
+use Illuminate\Support\Facades\Log;
 use Symfony\Component\HttpFoundation\Cookie;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Illuminate\Session\TokenMismatchException;
@ -53,6 +54,9 @@ class VerifyCsrfToken {
    protected function tokensMatch($request) {
        $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');

+        Log::info($token);
+        Log::error($request->session()->token());
+
        if (!$token && $header = $request->header('X-XSRF-TOKEN')) {
            $token = $this->encrypter->decrypt($header);
        }
--- a/resources/views/verify-payment.blade.php
+++ b/resources/views/verify-payment.blade.php
@ -53,7 +53,7 @@

        @keyframes  ldio-5owbnf6l9j7-r {
            0% {
-                transform: translate(148px, 80px) scale(1):
+                transform: translate(148px, 80px) scale(1);
            }
            100% {
                transform: translate(148px, 80px) scale(0);
@ -269,6 +269,7 @@
                var myHeaders = new Headers();
                var url = "{{route('yoomee.v2.verify')}}";
                var raw = JSON.stringify({
+                    "_token" : "{{ app('request')->session()->get('_token') }}",
                    "transaction_id": "{{$transaction_id}}"
                });

--- a/routes/web.php
+++ b/routes/web.php
@ -21,7 +21,7 @@ $router->group(['middleware' => 'session'], function () use ($router) {
 //    });
    $router->get('checkout/{payment_token}', ['as' => 'checkout', 'uses' => 'PaymentController@checkout']);
    $router->post('checkoutPay', ['as' => 'yoomee.v2.checkoutPay', 'uses' => 'YoomeeV2Controller@checkoutPay','middleware' => 'csrf']);
-    $router->post('status', ['as' => 'yoomee.v2.verify', 'uses' => 'YoomeeV2Controller@getPaymentStatus', 'middleware' => 'csrf']);
+    $router->post('status', ['as' => 'yoomee.v2.verify', 'uses' => 'YoomeeV2Controller@getPaymentStatus']);
    $router->get('merchantRedirect', ['as' => 'yoomee.v2.merchantRedirect', 'uses' => 'YoomeeV2Controller@merchantRedirect']);
 });