/** * @param $token * @return bool */ public function isTokenValid(CsrfToken $token) { if (!$this->storage->hasToken($token->getId())) { return false; } return $this->storage->getToken($token->getId()) == $token->getValue(); }
/** * * Regenerates and replaces the current session id; also regenerates the * CSRF token value if one exists. * * @return bool True if regeneration worked, false if not. * */ public function regenerateId() { $result = $this->phpfunc->session_regenerate_id(true); if ($result && $this->csrf_token) { $this->csrf_token->regenerateValue(); } return $result; }