Do not run CSRF middleware on JSON Accept header

app/Http/Middleware/VerifyCsrfToken.php

@@ -21,4 +21,13 @@ class VerifyCsrfToken extends Middleware
     protected $except = [
         //
     ];
+
+    public function handle($request, \Closure $next)
+    {
+        if($request->format() == 'json') {
+            return $next($request);
+        } else {
+            return parent::handle($request, $next);
+        }
+    }
 }