NativeSessionTokenStorage

class NativeSessionTokenStorage implements TokenStorageInterface

Token storage that uses PHP's native session handling.

Constants

SESSION_NAMESPACE

The namespace used to store values in the session.

Methods

__construct(string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a session namespace.

string getToken(string $tokenId)

Reads a stored CSRF token.

setToken(string $tokenId, string $token)

Stores a CSRF token.

bool hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

string|null removeToken(string $tokenId)

Removes a CSRF token.

Details

__construct(string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a session namespace.

Parameters

string $namespace The namespace under which the token is stored in the session

string getToken(string $tokenId)

Reads a stored CSRF token.

Parameters

string $tokenId The token ID

Return Value

string The stored token

Exceptions

TokenNotFoundException If the token ID does not exist

setToken(string $tokenId, string $token)

Stores a CSRF token.

Parameters

string $tokenId The token ID
string $token The CSRF token

bool hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

Parameters

string $tokenId The token ID

Return Value

bool Whether a token exists with the given ID

string|null removeToken(string $tokenId)

Removes a CSRF token.

Parameters

string $tokenId The token ID

Return Value

string|null Returns the removed token if one existed, NULL otherwise