d33pu
d33pu
1 year ago (1,720 XP)
kilrizzy

I know this is old by just ran into it

Another solution if you have a few different services / routes would be to make an additional routes (webhooks.php) file that does not include CSRF protection:

//app/Http/Kernel.php
protected $middlewareGroups = [
    ...
        'webhooks' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ...
];
//app/Providers/RouteServiceProvider.php
public function map()
    {
        ...
        $this->mapWebHooksRoutes();
    ...
}

protected function mapWebHooksRoutes()
{
    Route::middleware('webhooks')
            ->namespace($this->namespace)
            ->group(base_path('routes/webhooks.php'));
}
Youndivian

In Laravel 5.5 I just put the selected rout in routes/api.php instead in routes/web.php. Of course, if the route fits the API request middleware setup

Please sign in or create an account to participate in this conversation.