eZ\Publish\Core\REST\Server\Controller\SessionController::checkCsrfToken PHP Method

SessionController Class Documentation 显示文件 Open project: ezsystems/ezpublish-kernel

checkCsrfToken() private method

Checks the presence / validity of the CSRF token.

private checkCsrfToken ( Request $request )
$request	Symfony\Component\HttpFoundation\Request

    private function checkCsrfToken(Request $request)
    {
        if ($this->csrfTokenManager === null) {
            return;
        }
        $exception = new UnauthorizedException('Missing or invalid CSRF token', $request->getMethod() . ' ' . $request->getPathInfo());
        if (!$request->headers->has('X-CSRF-Token')) {
            throw $exception;
        }
        $csrfToken = new CsrfToken($this->csrfTokenIntention, $request->headers->get('X-CSRF-Token'));
        if (!$this->csrfTokenManager->isTokenValid($csrfToken)) {
            throw $exception;
        }
    }

SessionController

__construct

checkCsrfToken

createSessionAction

deleteSessionAction

getCsrfToken

hasStoredCsrfToken

refreshSessionAction