protected function CsrfTokenGenerator::computeToken

protected CsrfTokenGenerator::computeToken($seed, $value = '')

Generates a token based on $value, the token seed, and the private key.

Parameters

string $seed: The per-session token seed.

string $value: (optional) An additional value to base the token on.

Return value

string A 43-character URL-safe token for validation, based on the token seed, the hash salt provided by Settings::getHashSalt(), and the 'drupal_private_key' configuration variable.

See also

\Drupal\Core\Site\Settings::getHashSalt()

File

core/lib/Drupal/Core/Access/CsrfTokenGenerator.php, line 108

Class

CsrfTokenGenerator
Generates and validates CSRF tokens.

Namespace

Drupal\Core\Access

Code

protected function computeToken($seed, $value = '') {
  return Crypt::hmacBase64($value, $seed . $this->privateKey->get() . Settings::getHashSalt());
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Access!CsrfTokenGenerator.php/function/CsrfTokenGenerator::computeToken/8.1.x