added disabling CSRF to installation instructions

author: Camil Staps 2015-05-20 17:46:14 +0200
committer: Camil Staps 2015-05-20 17:46:14 +0200
commit: 5fbba35acdbae1f506d41bf26b386c55eb22e1fc (patch)
tree: b5159c5adb162e106323d0577d56949663bc7cab
parent: Installation instructions (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/README.md b/README.md
index e63875f..6014fed 100644
--- a/README.md
+++ b/README.md
@@ -32,10 +32,18 @@ RESTful PHP API for Botleagues
 
 * In `config/botleaguesapi.php`, set `allowed_origin` to (an array of) the allowed origin(s) of API requests. Use `*` for a wildcard.
 
-* In `/.env`, set the appropriate configuration values:
+* In `.env`, set the appropriate configuration values:
 
   * `APP_ENV`, `APP_DEBUG`, `APP_KEY`, `APP_URL`
   * `DB_HOST`, `DB_DATABASE`, `DB_USERNAME`, `DB_PASSWORD`
   * `API_VERSION=v1`, `API_DEBUG`, `API_DOMAIN`
 
+* In your `app/Http/Middleware/VerifyCsrfToken.php`, replace the `handle()` function with:
+
+        public function handle($request, Closure $next) {
+            return $next($request);
+        }
+
+  This disables the default CSRF middleware.
+
 After this, you should be good to go. Add configuration settings and the like as usual.
author	Camil Staps	2015-05-20 17:46:14 +0200
committer	Camil Staps	2015-05-20 17:46:14 +0200
commit	5fbba35acdbae1f506d41bf26b386c55eb22e1fc (patch)
tree	b5159c5adb162e106323d0577d56949663bc7cab
parent	Installation instructions (diff)