feat: wire dynamic config resolver and exclude webhook from CSRF

app/Providers/AppServiceProvider.php

@@ -2,7 +2,9 @@
 
 namespace App\Providers;
 
+use App\Models\Setting;
 use Illuminate\Support\ServiceProvider;
+use PromoSeven\UltraMessage\Facades\UltraMessage;
 
 class AppServiceProvider extends ServiceProvider
 {
@@ -19,6 +21,15 @@ class AppServiceProvider extends ServiceProvider
      */
     public function boot(): void
     {
-        //
+        UltraMessage::configUsing(function () {
+            return [
+                'instance_id'    => Setting::get('ultramsg_instance_id', config('ultra-message.instance_id')),
+                'token'          => Setting::get('ultramsg_token', config('ultra-message.token')),
+                'webhook_secret' => Setting::get('ultramsg_webhook_secret', config('ultra-message.webhook_secret')),
+                'webhook_path'   => Setting::get('ultramsg_webhook_path', config('ultra-message.webhook_path', 'ultra-message/webhook')),
+                'timeout'        => config('ultra-message.timeout', 30),
+                'enabled'        => (bool) Setting::get('ultramsg_enabled', config('ultra-message.enabled', true)),
+            ];
+        });
     }
 }

bootstrap/app.php

@@ -16,6 +16,11 @@ return Application::configure(basePath: dirname(__DIR__))
             'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class,
             'role_or_permission' => \Spatie\Permission\Middleware\RoleOrPermissionMiddleware::class,
         ]);
+
+        $middleware->validateCsrfTokens(except: [
+            'ultra-message/webhook',
+            'ultra-message/*',
+        ]);
     })
     ->withExceptions(function (Exceptions $exceptions): void {
         //