From c6e297e849983f57d67ff330f42d37e4444b7ef9 Mon Sep 17 00:00:00 2001
From: Toby Zerner
Date: Tue, 7 Jul 2015 15:30:13 +0930
Subject: [PATCH] CSRF protection on logout action
---
framework/core/src/Forum/Actions/LogoutAction.php | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/framework/core/src/Forum/Actions/LogoutAction.php b/framework/core/src/Forum/Actions/LogoutAction.php
index a91411266..96243d32e 100644
--- a/framework/core/src/Forum/Actions/LogoutAction.php
+++ b/framework/core/src/Forum/Actions/LogoutAction.php
@@ -1,5 +1,6 @@ exists) {
+ $token = array_get($request->getQueryParams(), 'token');
+
+ AccessToken::where('user_id', $user->id)->findOrFail($token);
+ $user->accessTokens()->delete(); event(new UserLoggedOut($user));
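Review bot: The value read from `$request->getQueryParams()` is passed to `findOrFail($token)` with no presence or type check, so a missing `token` arrives as null and `?token[]=…` arrives as an array, which Eloquent handles as a multi-key lookup; both are refused only through a ModelNotFoundException, which the client will probably see as a 404 rather than a rejected request. A guard ahead of the lookup, for example `if (! is_string($token) || $token === '') { /* reject: invalid CSRF token */ }`, would make that failure explicit. The check also accepts any access token owned by the user, and it appears to be the same secret that authenticates the session, so the logout link puts that secret in a URL (browser history, logs, shared links) until `accessTokens()->delete()` runs; a separate per-session CSRF value, or logout over POST, would avoid this. A comment such as `// CSRF check: findOrFail throws unless token is one of this user's access tokens` would explain why the query result is discarded. The enclosing method starts and ends outside the hunk, and the beginning of the hunk is missing from this page.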