/** * @return string */ public function __invoke() { $token = $this->session->get('csrf', null); $expiry = $this->session->get('csrfExpiry', 0); if ($expiry < time() || !$token) { $token = base64_encode(openssl_random_pseudo_bytes(32)); $this->session->set('csrf', $token); $this->session->set('csrfExpiry', time() + 3600); } return $token; }
/** * @param $identity * * @return $this */ public function authenticate($identity) { $this->session->set(get_class($this), $identity); return $this; }