use PSR-7 for Xsrf

Author: mevdschee

src/Tqdev/PhpCrudApi/Middleware/XsrfMiddleware.php

@@ -11,13 +11,14 @@
 
 class XsrfMiddleware extends Middleware
 {
-    private function getToken(): string
+    private function getToken(ServerRequestInterface $request): string
     {
         $cookieName = $this->getProperty('cookieName', 'XSRF-TOKEN');
-        if (isset($_COOKIE[$cookieName])) {
-            $token = $_COOKIE[$cookieName];
+        $cookieParams = $request->getCookieParams();
+        if (isset($cookieParams[$cookieName])) {
+            $token = $cookieParams[$cookieName];
         } else {
-            $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
+            $secure = $request->getUri()->getScheme() == 'https';
             $token = bin2hex(random_bytes(8));
             if (!headers_sent()) {
                 setcookie($cookieName, $token, 0, '/', '', $secure);
@@ -28,7 +29,7 @@ private function getToken(): string
 
     public function process(ServerRequestInterface $request, RequestHandlerInterface $next): ResponseInterface
     {
-        $token = $this->getToken();
+        $token = $this->getToken($request);
         $method = $request->getMethod();
         $excludeMethods = $this->getArrayProperty('excludeMethods', 'OPTIONS,GET');
         if (!in_array($method, $excludeMethods)) {