summaryrefslogtreecommitdiff
path: root/app/Core/Security/Token.php
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2015-11-15 12:50:33 -0500
committerFrederic Guillot <fred@kanboard.net>2015-11-15 12:50:33 -0500
commita675271ad71b7713d1b33bdba3c51b2b04813229 (patch)
treee54d8a95e16ca521193b9fd5a5eb071aa2910823 /app/Core/Security/Token.php
parent2fc402f6733573627ad25394d109b9f848ef04f6 (diff)
Rewrite of session management
Diffstat (limited to 'app/Core/Security/Token.php')
-rw-r--r--app/Core/Security/Token.php10
1 files changed, 5 insertions, 5 deletions
diff --git a/app/Core/Security/Token.php b/app/Core/Security/Token.php
index 7aca08af..2bb66ef2 100644
--- a/app/Core/Security/Token.php
+++ b/app/Core/Security/Token.php
@@ -38,12 +38,12 @@ class Token extends Base
*/
public function getCSRFToken()
{
- if (! isset($_SESSION['csrf_tokens'])) {
- $_SESSION['csrf_tokens'] = array();
+ if (! isset($this->sessionStorage->csrf)) {
+ $this->sessionStorage->csrf = array();
}
$nonce = self::getToken();
- $_SESSION['csrf_tokens'][$nonce] = true;
+ $this->sessionStorage->csrf[$nonce] = true;
return $nonce;
}
@@ -57,8 +57,8 @@ class Token extends Base
*/
public function validateCSRFToken($token)
{
- if (isset($_SESSION['csrf_tokens'][$token])) {
- unset($_SESSION['csrf_tokens'][$token]);
+ if (isset($this->sessionStorage->csrf[$token])) {
+ unset($this->sessionStorage->csrf[$token]);
return true;
}