/**
  * Rotate the session CSRF token, store it on the user, then invalidate the
  * supplied JWT and hand back a freshly generated one.
  *
  * @param $token The JWT that is being replaced (invalidated before the new one is issued)
  * @param $user \App\User whose token key is updated to the new CSRF token
  * @return \Illuminate\Http\JsonResponse|string Whatever getJwtFromUser() produces
  */
 public function refreshUserToken($token, $user)
 {
     // Fresh CSRF token for this session
     \Session::regenerateToken();
     // Keep the user's stored token key in sync with the new CSRF token
     $this->setUserTokenKey($user, csrf_token());
     // The old JWT must stop being accepted before a replacement is issued
     $this->auth->invalidate($token);
     return $this->getJwtFromUser($user);
 }
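 /**
  * Register the service provider: installs the 'cookie-csrf' route filter, which
  * rejects requests whose cookie token does not match the session token.
  *
  * @return void
  */
 public function register()
 {
     $app = $this->app;
     // Register the cookie-csrf route filter
     $app->router->filter('cookie-csrf', function () {
         $config = $this->app->config->get('cookie-csrf::config');
         // Only enforce on white-listed routes that are not black-listed
         if ($this->match($config['white_list']) && !$this->match($config['black_list'])) {
             $expected = \Session::token();
             $supplied = \Cookie::get('cookie_csrf_token');
             // Compare in constant time. A missing or non-string cookie is a mismatch,
             // and is checked first because hash_equals() rejects non-string arguments.
             if (!is_string($supplied) || !hash_equals($expected, $supplied)) {
                 throw new \Illuminate\Session\TokenMismatchException();
             }
             if (!$this->app->request->wantsJson()) {
                 // Rotate the token after each non-JSON use to prevent duplicate form submission
                 \Session::regenerateToken();
             }
         }
     });
 }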
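 /**
  * Log the current user out: clear Sentry, the Laravel session and the native
  * PHP session, rotate the CSRF token, then redirect to the section's login route.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function logout()
 {
     Sentry::logout();
     Session::flush();
     $_SESSION = [];
     // Only destroy a native session that is actually active; session_destroy()
     // emits a warning otherwise, which the previous "@" merely hid.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_destroy();
     }
     // A logged-out visitor must not keep the previous CSRF token
     Session::regenerateToken();
     return Redirect::route(Str::studly($this->sectionFolder) . 'Login');
 }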
// Maintenance-mode response: a plain 503 while the application is down
App::down(function () {
    $body = "Be right back!";
    return Response::make($body, 503);
});
// addition
// Handle a CSRF token mismatch: rotate the token and send the user back to the
// form with an error, rather than surfacing the raw exception.
App::error(function (Illuminate\Session\TokenMismatchException $exception, $code) {
    // This is also the place to write to a dedicated log, or to record the
    // request (e.g. for a firewall mechanism); the minimal handling is below.
    $tokenError = 'Token tricking is very bad!';
    // Issue a fresh token so the stale one cannot be replayed
    Session::regenerateToken();
    // Restore the previous input except _token, which would otherwise
    // override the token just generated
    $previousInput = Input::except('_token');
    return Redirect::back()
        ->withInput($previousInput)
        ->withErrors(['_token' => [$tokenError]]);
});
/*
|--------------------------------------------------------------------------
| Require The Filters File
|--------------------------------------------------------------------------
|
| Next we will load the filters file for the application. This gives us
| a nice separate location to store our route and application filter
| definitions instead of putting them all in the main routes file.
 /**
  * Handle a submitted URL: rotate the CSRF token, require a contributor,
  * scan the URL and render the home view with the outcome.
  *
  * @return \Illuminate\Http\RedirectResponse|mixed Redirect to login for
  *         non-contributors, otherwise whatever $this->view() returns
  */
 public function addUrl()
 {
     Session::regenerateToken();
     $isContributor = User::current()->isContributor();
     if (!$isContributor) {
         return Redirect::to('/user/login');
     }
     $submitted = Input::get('url');
     // scanUrl() is defined elsewhere and receives the raw request value;
     // what validation it performs is not visible here — TODO confirm
     $scanState = scanUrl($submitted);
     return $this->view('home', ['url' => $submitted, 'state' => $scanState]);
 }