CsrfTokenManager
class CsrfTokenManager implements CsrfTokenManagerInterface
Default implementation of {@link CsrfTokenManagerInterface}.
Methods
Creates a new CSRF provider using PHP's native session storage.
Generates a new token value for the given ID.
Invalidates the CSRF token with the given ID, if one exists.
Details
at line line 43
__construct(TokenGeneratorInterface $generator = null, TokenStorageInterface $storage = null)
Creates a new CSRF provider using PHP's native session storage.
at line line 52
CsrfToken
getToken(string $tokenId)
Returns a CSRF token for the given ID.
If previously no token existed for the given ID, a new token is generated. Otherwise the existing token is returned (with the same value, not the same instance).
at line line 68
CsrfToken
refreshToken(string $tokenId)
Generates a new token value for the given ID.
This method will generate a new token for the given token ID, independent of whether a token value previously existed or not. It can be used to enforce once-only tokens in environments with high security needs.
at line line 80
string|null
removeToken(string $tokenId)
Invalidates the CSRF token with the given ID, if one exists.
at line line 88
bool
isTokenValid(CsrfToken $token)
Returns whether the given CSRF token is valid.