Свойство | Type | Description | |
---|---|---|---|
$_classes | array | Class dependencies. |
Méthode | Description | |
---|---|---|
check ( mixed $key, array $options = [] ) : boolean | Checks a single-use hash key against the session token that generated it, using a cryptographically-secure verification method. Accepts either the request key as a string, or a Request object with a $data property containing a ['security']['token'] key. | |
config ( array $config = [] ) : array | Used to get or reconfigure dependencies with custom classes. | |
get ( array $options = [] ) : string | Generates (or regenerates) a cryptographically-secure token to be used for the life of the client session, and stores the token using the Session class. | |
key ( array $options = [] ) : string | Generates a single-use key to be embedded in a form or used with another non-idempotent request (a request that changes the state of the server or application), that will match against a client session token using the check() method. |
public static check ( mixed $key, array $options = [] ) : boolean | ||
$key | mixed | Either the actual key as a string, or a `Request` object containing the key. |
$options | array | The options to use when matching the key to the token: - `'sessionKey'` _string_: The key used when reading the token from the session. |
Résultat | boolean | Returns `true` if the hash key is a cryptographic match to the stored session token. Returns `false` on failure, which indicates a forged request attempt. |
public static get ( array $options = [] ) : string | ||
$options | array | An array of options to be used when generating or storing the token: - `'regenerate'` _boolean_: If `true`, will force the regeneration of a the token, even if one is already available in the session. Defaults to `false`. - `'sessionKey'` _string_: The key used for session storage and retrieval. Defaults to `'security.token'`. - `'salt'` _string_: If the token is being generated (or regenerated), sets a custom salt value to be used by `String::hash()`. - `'type'` _string_: The hashing algorithm used by `String::hash()` when generating the token. Defaults to `'sha512'`. |
Résultat | string | Returns a cryptographically-secure client session token. |
protected static array $_classes | ||
Résultat | array |