protected static function set_token($reset = false)
{
// re-use old token when found (= not expired) and expiration is used (otherwise always reset)
if (!$reset and static::$csrf_old_token and \Config::get('security.csrf_expiration', 0) > 0) {
static::$csrf_token = static::$csrf_old_token;
} else {
static::$csrf_token = md5(uniqid() . time());
$expiration = \Config::get('security.csrf_expiration', 0);
\Cookie::set(static::$csrf_token_key, static::$csrf_token, $expiration);
}
}
/**
* Fetch CSRF Token from cookie
*
* @return string
*/
public static function fetch_token()
{
if (static::$csrf_token !== false) {
return static::$csrf_token;
}
static::$csrf_token = \Input::cookie(static::$csrf_token_key, null);
if (static::$csrf_token === null || \Config::get('security.csrf_expiration', 0) <= 0) {
// set new token for next session when necessary
static::regenerate_token();
}
return static::$csrf_token;
}
