示例#1
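 /**
  * Verifies that the 'token_auth' request variable matches the auth token of
  * the currently logged-in user. Used as protection against CSRF.
  *
  * Both values must be non-empty strings and are compared strictly, using a
  * constant-time comparison where the runtime provides hash_equals().
  *
  * NOTE(review): a token carried in the URL can be recorded in server logs,
  * browser history and Referer headers; confirm callers account for that.
  *
  * @return void
  * @throws Core_Access_NoAccessException if the token is missing, empty or does not match
  */
 protected function checkTokenInUrl()
 {
     $supplied = Core_Common::getRequestVar('token_auth', false);
     $expected = Core_Common::getCurrentUserAuth();

     // A loose `!=` lets a missing token (the `false` default) compare equal to
     // null, '', 0 or '0', and compares numeric-looking strings by value
     // ('1e3' == '1000'). Requiring two non-empty strings closes both gaps,
     // should getCurrentUserAuth() ever return an empty value (e.g. no session).
     $valid = is_string($supplied)
         && is_string($expected)
         && $supplied !== ''
         && $expected !== '';

     if ($valid) {
         // hash_equals() (PHP >= 5.6) avoids leaking the position of the first
         // differing byte through timing; fall back to strict equality on
         // older runtimes.
         $valid = function_exists('hash_equals')
             ? hash_equals($expected, $supplied)
             : $expected === $supplied;
     }

     if (!$valid) {
         throw new Core_Access_NoAccessException('Invalid Auth Token');
     }
 }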