0

hello i am new at laravel and i build an eCommerce platform (details aren't important) anyway my problem is i created a route that can catch all event from paypal webhook but when i directly access to it it's working but when i try from paypal webhook Simulator or even if did a sandbox payment didn't go through i know the problem is from csrf verification and i tried excluding the route but didn't work and also tried creating a new RouteServiceProvider here is my code in the Controller so i can catch anything from the request

$headers = getallheaders();

file_put_contents("/home/username/public_html/test.txt", json_encode($headers));

here is my route

Route::domain(env("APP_DOMAIN"))->group(function () {
    Route::get('/paypal/n', 'HomeController@notifications');
});

i used domain(env("APP_DOMAIN")) because everyone can add his own domain and i want this to work just in the main domain .

the code in the RouteServiceProvider

public function map()
{
    $this->mapApiRoutes();

    $this->mapWebRoutes();

    $this->mapPaymentRoutes();

    //
}

protected function mapPaymentRoutes()
{
    Route::middleware('payment')
        ->namespace($this->namespace)
        ->group(base_path('routes/payment.php'));
}

and of course i did define the payment middleware in the file Kernel.php and comment the VerifyCsrfToken class

protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        // \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],
    'payment' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        // \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        // \App\Http\Middleware\VerifyCsrfToken::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],

    'api' => [
        'throttle:60,1',
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
    ],
];

and even with all this and like a lot of test i couldn't get it to work if i send a request to a pure php file it's working fine. can you please help me with this i tried to find a solution in my own but it takes me like 15 days without any luck i use laravel 6 .

4

1 回答 1

0

in case someone else is struggling with this problem i had to do a work a round by creating a pure php file in public and send webhook request to that file url/file.php and the file catch data and send it to a command i created inside laravel to process it, so that everything that has anything to do with database is inside laravel and the file.php is just like a pipe . i know it's not the best idea but it's not the worst either and thanks for everyone who tried to help me .

于 2020-09-28T00:04:48.357 回答