crodas/csrf-token
Composer 安装命令:
composer require crodas/csrf-token
包简介
Easier way to generate CSRF tokens
README 文档
README
Stateless CSRF-token generation and verification.
Instalation
composer require crodas/csrf-token:"^1.0"
Properties
- Hashes are unique per IP
- They require a site secret, so hashes are impossible to forge.
- Hashes expires after a certain amount of time (Default: 1 hour)
How to use it
Initialize the library:
require __DIR__ . '/vendor/autoload.php'; CSRF::setSecret($strong_secret_key);
Add it to your forms
<input type="hidden" name="_csrf" value="<?php echo CSRF::generate() ?>" />
And then verify the hashes are legit and still valid:
if (empty($_POST['_csrf']) || !CSRF::verify($_POST['_csrf'])) { throw new Exception("CSRF Token is invalid"); }
统计信息
- 总下载量: 20
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: BSD-4-Clause
- 更新时间: 2015-12-25