| public static get ( array $options = [] ) : string | ||
| $options | array | An array of options to be used when generating or storing the token: - `'regenerate'` _boolean_: If `true`, will force the regeneration of a the token, even if one is already available in the session. Defaults to `false`. - `'sessionKey'` _string_: The key used for session storage and retrieval. Defaults to `'security.token'`. - `'salt'` _string_: If the token is being generated (or regenerated), sets a custom salt value to be used by `String::hash()`. - `'type'` _string_: The hashing algorithm used by `String::hash()` when generating the token. Defaults to `'sha512'`. |
| return | string | Returns a cryptographically-secure client session token. |
public static function get(array $options = array())
{
$defaults = array('regenerate' => false, 'sessionKey' => 'security.token', 'salt' => null, 'type' => 'sha512');
$options += $defaults;
$session = static::$_classes['session'];
if ($options['regenerate'] || !($token = $session::read($options['sessionKey']))) {
$token = String::hash(uniqid(microtime(true)), $options);
$session::write($options['sessionKey'], $token);
}
return $token;
} /**
* 初始化CSRF并检查token是否存在, 不存在则生成token
*/
public static function init()
{
$value = \lithium\storage\Session::read(self::$_session_key);
if (empty($value)) {
RequestToken::get();
}
}
