CSRF
  • Namespace
  • Class
  • Tree

Namespaces

  • PHP
  • Riimu
    • Kit
      • CSRF
        • Source
        • Storage

Classes

  • CookieStorage
  • SessionStorage

Interfaces

  • TokenStorage

Exceptions

  • TokenStorageException

Class CookieStorage

Token storage that uses browser cookies to store the CSRF token.

Riimu\Kit\CSRF\Storage\CookieStorage implements Riimu\Kit\CSRF\Storage\TokenStorage
Namespace: Riimu\Kit\CSRF\Storage
Copyright: Copyright (c) 2014, Riikka Kalliomäki
License: MIT License
Author: Riikka Kalliomäki riikka.kalliomaki@gmail.com
Located at Storage/CookieStorage.php

Methods summary

public
# __construct( string $name = 'csrf_token', integer $expire = 0, string $path = '/', string $domain = '', boolean $secure = false, boolean $httpOnly = true )

Creates a new instance of CookieStorage.

Creates a new instance of CookieStorage.

Parameters

$name
Name of the cookie used to store the token
$expire
Lifetime of the token cookie in seconds
$path
Path for the token cookie
$domain
Domain for the token cookie or empty string for none
$secure
Whether to pass cookie only via SSL connection
$httpOnly
Whether to make the cookie available only to requests
public
# storeToken( string $token )

Stores the CSRF token in the persistent storage.

Stores the CSRF token in the persistent storage.

Parameters

$token
The CSRF token to store

Throws

Riimu\Kit\CSRF\Storage\TokenStorageException
If the token cannot be successfully stored

Implementation of

Riimu\Kit\CSRF\Storage\TokenStorage::storeToken()
protected boolean
# setCookie( string $value, array $params )

Sets the cookie that stores the secret CSRF token.

Sets the cookie that stores the secret CSRF token.

Parameters

$value
The value for the cookie
$params
Parameters for the cookie

Returns

boolean
True if the cookie was set successfully, false if not

Throws

Riimu\Kit\CSRF\Storage\TokenStorageException
If the headers have already been sent

Codecoverageignore

public string|false
# getStoredToken( )

Loads the CSRF token from the persistent storage.

Loads the CSRF token from the persistent storage.

Returns

string|false
The stored token or false if none is stored

Throws

Riimu\Kit\CSRF\Storage\TokenStorageException
If the token cannot be successfully loaded

Implementation of

Riimu\Kit\CSRF\Storage\TokenStorage::getStoredToken()
CSRF API documentation generated by ApiGen