fixed csrf error page

Author: davepartner

app/Middlewares/CsrfViewMiddleware.php

@@ -21,6 +21,33 @@ public function __invoke($request, $response, $next){
 
 		 //this can be access from the view with {{ csrf.field | raw }}
 
+		 if (false === $request->getAttribute('csrf_status')) {
+    			
+					// successfully passed CSRF check
+
+				// display suitable error here
+				 $route = $request->getAttribute('route');
+
+					// return NotFound for non existent route
+					if (empty($route->getName())) {
+						//throw new NotFoundException($request, $response);
+						return $response->write("CSRF error: return to the previous page, refresh it, then retry"); 
+						
+					}
+
+					$name = $route->getName();
+					$groups = $route->getGroups();
+					$methods = $route->getMethods();
+					$arguments = $route->getArguments();
+
+					
+			return $response->withRedirect($this->container->router->pathFor($name));
+
+
+			
+			} else {
+			
+			}
 
 		//the below must be done in all middlewares
 		$response = $next($request, $response);

config/ContainerConfig.php

@@ -24,7 +24,14 @@
 };
 
 $container['csrf'] = function ($container){
-	return new \Slim\Csrf\Guard;
+	//return new \Slim\Csrf\Guard;
+	
+	$guard = new \Slim\Csrf\Guard();
+    $guard->setFailureCallable(function ($request, $response, $next) {
+        $request = $request->withAttribute("csrf_status", true); //set to false if you dont want persistent tokens
+        return $next($request, $response);
+    });
+    return $guard;
 };