class SessionTokenStorage implements ClearableTokenStorageInterface

Token storage that uses a Symfony Session object.

Constants

SESSION_NAMESPACE

The namespace used to store values in the session.

Methods

__construct(SessionInterface $session, string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a Session object and a session namespace.

string
getToken(string $tokenId)

Reads a stored CSRF token.

setToken(string $tokenId, string $token)

Stores a CSRF token.

bool
hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

string|null
removeToken(string $tokenId)

Removes a CSRF token.

clear()

Removes all CSRF tokens.

Details

at line line 38
__construct(SessionInterface $session, string $namespace = self::SESSION_NAMESPACE)

Initializes the storage with a Session object and a session namespace.

Parameters

SessionInterface $session The user session from which the session ID is returned
string $namespace The namespace under which the token is stored in the session

at line line 47
string getToken(string $tokenId)

Reads a stored CSRF token.

Parameters

string $tokenId The token ID

Return Value

string The stored token

Exceptions

TokenNotFoundException If the token ID does not exist

at line line 63
setToken(string $tokenId, string $token)

Stores a CSRF token.

Parameters

string $tokenId The token ID
string $token The CSRF token

at line line 75
bool hasToken(string $tokenId)

Checks whether a token with the given token ID exists.

Parameters

string $tokenId The token ID

Return Value

bool Whether a token exists with the given ID

at line line 87
string|null removeToken(string $tokenId)

Removes a CSRF token.

Parameters

string $tokenId The token ID

Return Value

string|null Returns the removed token if one existed, NULL otherwise

at line line 99
clear()

Removes all CSRF tokens.