<?php namespace igniteStack\auth\login; include_once "../../autoload.php"; use igniteStack\System\Flow\Authentication\CSRF; # Start a session session_start(); # Verify CSRF objects try { CSRF::verify_CSRF_Object('csrf_token', $_POST['csrf_token']); } catch (Exception $e) { die($e->getMessage()); } ?> <html> <head> <title> Logged in </title> </head> <body> <h3> You have logged in successfully. </h3> </body> </html> <?php
<?php namespace igniteStack; include_once "autoload.php"; use igniteStack\System\Flow\Authentication\CSRF; # Start a session session_start(); # Generate some CSRF Tokens $CSRF_TOKENS = CSRF::generate_Tokens(5); ?> <form action="/auth/login/" method="post"> <label>Username</label> <input type="text" name="username" placeholder="Enter your username" /> <label>Password</label> <input type="password" name="password" placeholder="Enter your password" /> <input type="submit" name="submit" value="Login" /> <input type="hidden" name="csrf_token" value="<?php echo CSRF::create_CSRF_Object('csrf_token', $CSRF_TOKENS[2]); ?> " /> </form> <?php