(security) use POST for logout rather than GET

see https://github.com/pterodactyl/panel/security/advisories/GHSA-m49f-hcxp-6hm6
2021-10-23 13:00:21 -07:00 · 2021-10-23 13:00:21 -07:00 · 45999ba4ee
commit 45999ba4ee
parent 22a8b2b3a2
3 changed files with 18 additions and 5 deletions
--- a/routes/auth.php
+++ b/routes/auth.php
@ -48,4 +48,4 @@ Route::group(['middleware' => 'guest'], function () {
 | Endpoint: /auth
 |
 */
-Route::get('/logout', 'LoginController@logout')->name('auth.logout')->middleware('auth');
+Route::post('/logout', 'LoginController@logout')->name('auth.logout')->middleware('auth', 'csrf');