Generates (or regenerates) a cryptographically-secure token to be used for the life of the
client session, and stores the token using the `Session` class.
Parameters
- array $options An array of options to be used when generating or storing the token: - `'regenerate'` _boolean_: If `true`, will force the regeneration of a the token, even if one is already available in the session. Defaults to `false`. - `'sessionKey'` _string_: The key used for session storage and retrieval. Defaults to `'security.token'`. - `'salt'` _string_: If the token is being generated (or regenerated), sets a custom salt value to be used by `String::hash()`. - `'type'` _string_: The hashing algorithm used by `String::hash()` when generating the token. Defaults to `'sha512'`.
Returns
string Returns a cryptographically-secure client session token.Source
public static function get(array $options = array()) {
$defaults = array(
'regenerate' => false,
'sessionKey' => 'security.token',
'salt' => null,
'type' => 'sha512'
);
$options += $defaults;
$session = static::$_classes['session'];
if ($options['regenerate'] || !($token = $session::read($options['sessionKey']))) {
$token = String::hash(uniqid(microtime(true)), $options);
$session::write($options['sessionKey'], $token);
}
return $token;
}