public function checkToken()
{
$fromSession = \SpoonSession::exists('csrf_token') ? \SpoonSession::get('csrf_token') : '';
$fromGet = $this->getContainer()->get('request')->query->get('token');
if ($fromSession != '' && $fromGet != '' && $fromSession == $fromGet) {
return;
}
// clear the token
\SpoonSession::set('csrf_token', '');
$this->redirect(BackendModel::createURLForAction('Index', null, null, array('error' => 'csrf')));
}