Laravel CSRF Token Protection
CSRF stands for Cross-site request forgery is a process of sending malicious command to perform certain operation by some unauthorized source. Laravel framework provide facility to protect our application from CSRF attacks.
How CSRF Token Works in Laravel
All POST requests are managed by handle() function defined in RedirectIfAuthenticated.php file. After receiving a request hanle() method perform the following actions.
- Check whether the incoming request is POST
- The reuest is not generated for unit testing.
- Either the route is included in exampt array
- Verify given token is correct