ghassan/MiknasTrading
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: toggle double-fire and CSRF-protect test-whatsapp endpoint

Browse Source
This commit is contained in:
Ghassan Yusuf 2026-05-19 13:16:07 +03:00
parent 12751ab39c
commit d1f40c4124
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
resources/views/settings/integrations.blade.php
View File

@ -27,7 +27,7 @@
<p style="font-size:14px;font-weight:500;color:#374151;margin:0 0 2px;">Enable WhatsApp Notifications</p> <p style="font-size:14px;font-weight:500;color:#374151;margin:0 0 2px;">Enable WhatsApp Notifications</p>
<p style="font-size:12px;color:#6b7280;margin:0;">When disabled, no messages will be sent.</p> <p style="font-size:12px;color:#6b7280;margin:0;">When disabled, no messages will be sent.</p>
</div> </div>
<label style="position:relative;display:inline-flex;align-items:center;cursor:pointer;"> <div style="position:relative;display:inline-flex;align-items:center;cursor:pointer;">
<input type="hidden" name="enabled" value="0"> <input type="hidden" name="enabled" value="0">
<input type="checkbox" name="enabled" value="1" <input type="checkbox" name="enabled" value="1"
{{ $settings['enabled'] ? 'checked' : '' }} {{ $settings['enabled'] ? 'checked' : '' }}
@ -46,7 +46,7 @@
transition:left .2s; transition:left .2s;
"></div> "></div>
</div> </div>
</label> </div>
</div> </div>
<hr style="border:none;border-top:1px solid #e5e7eb;margin:0 0 20px;"> <hr style="border:none;border-top:1px solid #e5e7eb;margin:0 0 20px;">
@ -175,7 +175,11 @@ document.getElementById('btn-test-connection').addEventListener('click', functio
statusEl.style.fontWeight = '400'; statusEl.style.fontWeight = '400';
fetch('{{ route('settings.integrations.test-whatsapp') }}', { fetch('{{ route('settings.integrations.test-whatsapp') }}', {
headers: { 'X-Requested-With': 'XMLHttpRequest' } method: 'POST',
headers: {
'X-Requested-With': 'XMLHttpRequest',
'X-CSRF-TOKEN': document.querySelector('meta[name="csrf-token"]').content
}
}) })
.then(function (r) { return r.json(); }) .then(function (r) { return r.json(); })
.then(function (data) { .then(function (data) {

2
routes/web.php
View File

@ -119,7 +119,7 @@ Route::middleware(['auth', 'verified'])->group(function () {
Route::middleware('role:Admin')->group(function () { Route::middleware('role:Admin')->group(function () {
Route::get('settings/integrations', [SettingsController::class, 'integrations'])->name('settings.integrations'); Route::get('settings/integrations', [SettingsController::class, 'integrations'])->name('settings.integrations');
Route::post('settings/integrations/whatsapp', [SettingsController::class, 'updateWhatsapp'])->name('settings.integrations.whatsapp'); Route::post('settings/integrations/whatsapp', [SettingsController::class, 'updateWhatsapp'])->name('settings.integrations.whatsapp');
Route::get('settings/integrations/test-whatsapp', [SettingsController::class, 'testWhatsappConnection'])->name('settings.integrations.test-whatsapp'); Route::post('settings/integrations/test-whatsapp', [SettingsController::class, 'testWhatsappConnection'])->name('settings.integrations.test-whatsapp');
}); });
}); });