wip

Author: binaryk

config/config.php

@@ -4,6 +4,18 @@
 
 return [
 
+    /*
+    |--------------------------------------------------------------------------
+    | The router prefix
+    |--------------------------------------------------------------------------
+    |
+    | This will be the prefix for the `/csrf-header` GET route.
+    | E.g. prefix = 'api' => than you can get the header token via: `/api/csrf-header
+    |
+    */
+
+    'prefix' => env('STATELESS_PREFIX', 'api'),
+
     /*
     |--------------------------------------------------------------------------
     | Header Cookie Name
@@ -16,8 +28,8 @@
     */
 
     'header' => env(
-        'SESSION_HEADER',
-        Str::upper(Str::slug(env('APP_NAME', 'laravel'), '-').'-session')
+        'STATELESS_SESSION_HEADER',
+        Str::upper(Str::slug(env('APP_NAME', 'laravel'), '-') . '-session')
     ),
 
 ];

src/Http/Controllers/CsrfHeaderController.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace Binarcode\LaravelStatelessSession\Http\Controllers;
+
+use Illuminate\Http\Response;
+
+class CsrfHeaderController
+{
+    /**
+     * Return an empty response simply to trigger the storage of the CSRF cookie in the browser.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function show()
+    {
+        return new Response('', 204);
+    }
+}

src/LaravelStatelessSessionServiceProvider.php

@@ -2,7 +2,10 @@
 
 namespace Binarcode\LaravelStatelessSession;
 
+use Binarcode\LaravelStatelessSession\Http\Middleware\StartStatelessSession;
 use Illuminate\Support\ServiceProvider;
+use Illuminate\Support\Facades\Route;
+use Binarcode\LaravelStatelessSession\Http\Controllers\CsrfHeaderController;
 
 class LaravelStatelessSessionServiceProvider extends ServiceProvider
 {
@@ -11,6 +14,8 @@ class LaravelStatelessSessionServiceProvider extends ServiceProvider
      */
     public function boot()
     {
+        $this->defineRoutes();
+
         if ($this->app->runningInConsole()) {
             $this->publishes([
                 __DIR__.'/../config/config.php' => config_path('stateless.php'),
@@ -44,4 +49,18 @@ protected function registerSessionManager()
             return new SessionManager($app);
         });
     }
+
+    protected function defineRoutes()
+    {
+        if ($this->app->routesAreCached()) {
+            return;
+        }
+
+        Route::group(['prefix' => config('stateless.prefix', 'api')], function () {
+            Route::get(
+                '/csrf-header',
+                CsrfHeaderController::class.'@show'
+            )->middleware(StartStatelessSession::class);
+        });
+    }
 }