CsrfToken
in package
CSRF token service.
Generates and validates CSRF tokens to prevent Cross-Site Request Forgery attacks.
Table of Contents
Properties
- $_sessionManager : SessionManager
- $_tokenKey : string
- $random : IRandom
Methods
- __construct() : mixed
- generate() : string
- Generate a new CSRF token
- getToken() : string
- Get the current CSRF token (generate if doesn't exist)
- regenerate() : string
- Regenerate CSRF token
- validate() : bool
- Validate a CSRF token (single-use)
Properties
$_sessionManager
private
SessionManager
$_sessionManager
$_tokenKey
private
string
$_tokenKey
= 'csrf_token'
$random
private
IRandom
$random
Methods
__construct()
public
__construct(SessionManager $sessionManager[, IRandom|null $random = null ]) : mixed
Parameters
- $sessionManager : SessionManager
- $random : IRandom|null = null
generate()
Generate a new CSRF token
public
generate() : string
Return values
stringgetToken()
Get the current CSRF token (generate if doesn't exist)
public
getToken() : string
Return values
stringregenerate()
Regenerate CSRF token
public
regenerate() : string
Return values
stringvalidate()
Validate a CSRF token (single-use)
public
validate(string $token) : bool
Parameters
- $token : string