W3cubDocs

/Symfony 4.1

SessionTokenStorage

class SessionTokenStorage implements ClearableTokenStorageInterface

Token storage that uses a Symfony Session object.

Constants

SESSION_NAMESPACE

The namespace used to store values in the session.

Methods

__construct(SessionInterface $session, string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a Session object and a session namespace.

string getToken(string $tokenId)

Reads a stored CSRF token.

setToken(string $tokenId, string $token)

Stores a CSRF token.

bool hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

string|null removeToken(string $tokenId)

Removes a CSRF token.

clear()

Removes all CSRF tokens.

Details

__construct(SessionInterface $session, string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a Session object and a session namespace.

Parameters

SessionInterface $session The user session from which the session ID is returned
string $namespace The namespace under which the token is stored in the session

string getToken(string $tokenId)

Reads a stored CSRF token.

Parameters

string $tokenId The token ID

Return Value

string The stored token

Exceptions

TokenNotFoundException If the token ID does not exist

setToken(string $tokenId, string $token)

Stores a CSRF token.

Parameters

string $tokenId The token ID
string $token The CSRF token

bool hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

Parameters

string $tokenId The token ID

Return Value

bool Whether a token exists with the given ID

string|null removeToken(string $tokenId)

Removes a CSRF token.

Parameters

string $tokenId The token ID

Return Value

string|null Returns the removed token if one existed, NULL otherwise

clear()

Removes all CSRF tokens.

© 2004–2017 Fabien Potencier
Licensed under the MIT License.
https://api.symfony.com/4.1/Symfony/Component/Security/Csrf/TokenStorage/SessionTokenStorage.html