/** * Load the session for the current request. * * @param null|string $key */ public function load($key) { if ($key !== null) { $this->session = $this->storage->load($key); } // If the session doesn't exist or is invalid. if (is_null($this->session) || static::expired($this->session)) { $this->exists = false; $this->session = $this->storage->fresh(); } // A CSRF token is stored in every session to protect // the application from cross-site request if (!$this->has(Session::CSRF)) { $this->put(Session::CSRF, Character::random(40)); } }