CsrfTokenManagerInterface
in
Manages CSRF tokens.
Tags
Table of Contents
Methods
- getToken() : CsrfToken
- Returns a CSRF token for the given ID.
- isTokenValid() : bool
- Returns whether the given CSRF token is valid.
- refreshToken() : CsrfToken
- Generates a new token value for the given ID.
- removeToken() : string|null
- Invalidates the CSRF token with the given ID, if one exists.
Methods
getToken()
Returns a CSRF token for the given ID.
public
getToken(string $tokenId) : CsrfToken
If previously no token existed for the given ID, a new token is generated. Otherwise the existing token is returned (with the same value, not the same instance).
Parameters
- $tokenId : string
-
The token ID. You may choose an arbitrary value for the ID
Return values
CsrfTokenisTokenValid()
Returns whether the given CSRF token is valid.
public
isTokenValid(CsrfToken $token) : bool
Parameters
- $token : CsrfToken
Return values
boolrefreshToken()
Generates a new token value for the given ID.
public
refreshToken(string $tokenId) : CsrfToken
This method will generate a new token for the given token ID, independent of whether a token value previously existed or not. It can be used to enforce once-only tokens in environments with high security needs.
Parameters
- $tokenId : string
-
The token ID. You may choose an arbitrary value for the ID
Return values
CsrfTokenremoveToken()
Invalidates the CSRF token with the given ID, if one exists.
public
removeToken(string $tokenId) : string|null
Parameters
- $tokenId : string
Return values
string|null —Returns the removed token value if one existed, NULL otherwise