1HTML::FormFu::Element::URseeqrueCsotnTtorkiebnu(t3e)d PeHrTlMLD:o:cFuomremnFtua:t:iEolnement::RequestToken(3)
2
3
4

NAME

6       HTML::FormFu::Element::RequestToken - Hidden text field which contains
7       a unique token
8

SYNOPSIS

10         my $e = $form->element( { type => 'Token' } );
11
12         my $p = $form->element( { plugin => 'Token' } );
13

DESCRIPTION

15       This field can prevent CSRF attacks. It contains a random token. After
16       submission the token is checked with the token which is stored in the
17       session of the current user.  See "USING TOKENS" in
18       Catalyst::Controller::HTML::FormFu for a convenient way how to use it.
19

ATTRIBUTES

21   context
22       Value of the stash key for the Catalyst context object ($c). Defaults
23       to "context".
24
25   expiration_time
26       Time to life for a token in seconds. Defaults to 3600.
27
28   session_key
29       Session key which is used to store the tokens. Defaults to "__token".
30

METHODS

32   expire_token
33       This method looks in the session for expired tokens and removes them.
34
35   get_token
36       Generates a new token and stores it in the stash.
37
38   remove_token
39       Removes a specific token from the session. Returns 1 if the key was
40       found. 0 otherwise.
41
42   verify_token
43       Checks whether a given token is already in the session. If it exists it
44       is removed and "verify_token" returns 1. 0 otherwise.
45

SEE ALSO

47       Catalyst::Controller::HTML::FormFu, HTML::FormFu::Plugin::RequestToken,
48       HTML::FormFu::Constraint::RequestToken
49
50       HTML::FormFu
51

AUTHOR

53       Moritz Onken, "onken@houseofdesign.de"
54

LICENSE

56       This library is free software, you can redistribute it and/or modify it
57       under the same terms as Perl itself.
58
59
60
61perl v5.12.0                      2009-07H-T0M6L::FormFu::Element::RequestToken(3)