Download the PHP package codecollab/csrf-token without Composer
On this page you can find all versions of the php package codecollab/csrf-token. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download codecollab/csrf-token
More information about codecollab/csrf-token
Files in codecollab/csrf-token
Package csrf-token
Short Description CSRF token package of the CodeCollab project
License See the LICENSE file
Homepage https://github.com/CodeCollab/CsrfToken
Informations about the package csrf-token
CsrfToken
CSRF token package of the CodeCollab project
Requirements
PHP7+
Installation
Include the library in your project using composer:
{
"require-dev": {
"codecollab/csrf-token": "^2"
}
}
Usage
This library securely generates and validates CSRF tokens. To use this libray simply create a new \CodeCollab\CsrfToken\Token
instance. A functioning concrete implementation is added as \CodeCollab\CsrfToken\Token\Handler
:
``
To generate a new token (and invalidate the old token) simply call $csrfToken->generate()
.
``
Storage
This library only provides an interface for storage objects so you can use any storage you prefer. The storage must have a way to persist the token between requests (i.e. session). An example native session storage implementation may look like:
``
All storage implementations must implement CodeCollab\CsrfToken\Storage\Storage
.
Generators
Generators are repsonsible for generating secure tokens. By default the CodeCollab\CsrfToken\Generator\RandomBytes32
generator is included which as the name suggest generates a 32 bytes long random token.
This generator uses PHP's native random_bytes()
function to generate the tokens. When a token could not be generated a CodeCollab\CsrfToken\Generator\InsufficientStrengthException
will be thrown. The generator interface only has a single method generate()
will generates the tokens.
The supplied generator will be fine for most cases, but if you need additional security you can implement your own generator based on the CodeCollab\CsrfToken\Storage\Storage
interface.
Contributing
License
Security issues
If you found a security issue please contact directly by mail instead of using the issue tracker at [email protected]