We can make this middleware significantly simpler

DaneEveritt · DaneEveritt · commit 56f15c15a13f · 2022-05-22T16:54:07.000-04:00
diff --git a/app/Http/Middleware/EnsureStatefulRequests.php b/app/Http/Middleware/EnsureStatefulRequests.php
@@ -2,27 +2,10 @@
 
 namespace Pterodactyl\Http\Middleware;
 
-use Illuminate\Http\Request;
-use Illuminate\Routing\Pipeline;
-use Illuminate\Session\Middleware\StartSession;
-use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
 use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
 
 class EnsureStatefulRequests extends EnsureFrontendRequestsAreStateful
 {
-    /**
-     * {@inheritDoc}
-     */
-    public function handle($request, $next)
-    {
-        $this->configureSecureCookieSessions();
-
-        return (new Pipeline(app()))
-            ->send($request)
-            ->through($this->isStateful($request) ? $this->statefulMiddleware() : [])
-            ->then(fn ($request) => $next($request));
-    }
-
     /**
      * Determines if a request is stateful or not. This is determined using the default
      * Sanctum "fromFrontend" helper method. However, we also check if the request includes
@@ -32,26 +15,12 @@ public function handle($request, $next)
      * We don't want to support API usage using the cookies, except for requests stemming
      * from the front-end we control.
      */
-    protected function isStateful(Request $request): bool
-    {
-        return static::fromFrontend($request) || $request->hasCookie(config('session.cookie'));
-    }
-
-    /**
-     * Returns the middleware to be applied to a stateful request to the API.
-     */
-    protected function statefulMiddleware(): array
+    public static function fromFrontend($request)
     {
-        return [
-            function ($request, $next) {
-                $request->attributes->set('sanctum', true);
+        if (parent::fromFrontend($request)) {
+            return true;
+        }
 
-                return $next($request);
-            },
-            config('sanctum.middleware.encrypt_cookies', EncryptCookies::class),
-            AddQueuedCookiesToResponse::class,
-            StartSession::class,
-            config('sanctum.middleware.verify_csrf_token', VerifyCsrfToken::class),
-        ];
+        return $request->hasCookie(config('session.cookie'));
     }
 }
