Neuron-PHP

CsrfToken
in package

Framework-level CSRF token service.

Generates and validates single-use CSRF tokens backed by the core ISession abstraction (defaulting to a real PHP session). The session key ('csrf_token') matches the CMS implementation so both stay compatible.

Table of Contents

Properties

$_random  : IRandom
$_session  : ISession
$_tokenKey  : string

Methods

__construct()  : mixed
generate()  : string
Generate and store a new CSRF token.
getToken()  : string
Get the current CSRF token, generating one if absent.
regenerate()  : string
Regenerate the CSRF token.
validate()  : bool
Validate a CSRF token. Valid tokens are consumed (single-use).

Properties

$_tokenKey

private string $_tokenKey = 'csrf_token'

Methods

__construct()

public __construct([ISession|null $session = null ][, IRandom|null $random = null ]) : mixed
Parameters
$session : ISession|null = null

Session abstraction (defaults to RealSession)

$random : IRandom|null = null

Random source (defaults to RealRandom)

generate()

Generate and store a new CSRF token.

public generate() : string
Return values
string

getToken()

Get the current CSRF token, generating one if absent.

public getToken() : string
Return values
string

regenerate()

Regenerate the CSRF token.

public regenerate() : string
Return values
string

validate()

Validate a CSRF token. Valid tokens are consumed (single-use).

public validate(string $token) : bool
Parameters
$token : string
Return values
bool
On this page

Search results