class SessionCsrfProvider extends DefaultCsrfProvider
deprecated
since version 2.4, to be removed in 3.0. Use {@link \Symfony\Component\Security\Csrf\CsrfTokenManager} in combination with {@link \Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage} instead.
This provider uses a Symfony Session object to retrieve the user's session ID.
Methods
__construct(Session $session, string $secret) Initializes the provider with a Session object and a secret value. | ||
string | generateCsrfToken(string $intention) Generates a CSRF token for a page of your application. | from DefaultCsrfProvider |
bool | isCsrfTokenValid(string $intention, string $token) Validates a CSRF token. | from DefaultCsrfProvider |
Details
__construct(Session $session, string $secret)
Initializes the provider with a Session object and a secret value.
A recommended value for the secret is a generated value with at least 32 characters and mixed letters, digits and special characters.
string generateCsrfToken(string $intention)
Generates a CSRF token for a page of your application.
bool isCsrfTokenValid(string $intention, string $token)
Validates a CSRF token.
Please login to continue.