Mercurial > hg > isophonics-drupal-site
view core/modules/system/src/Controller/CsrfTokenController.php @ 17:129ea1e6d783
Update, including to Drupal core 8.6.10
author | Chris Cannam |
---|---|
date | Thu, 28 Feb 2019 13:21:36 +0000 |
parents | 4c8ae668cc8c |
children |
line wrap: on
line source
<?php namespace Drupal\system\Controller; use Drupal\Core\Access\CsrfRequestHeaderAccessCheck; use Drupal\Core\Access\CsrfTokenGenerator; use Drupal\Core\DependencyInjection\ContainerInjectionInterface; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\HttpFoundation\Response; /** * Returns responses for CSRF token routes. */ class CsrfTokenController implements ContainerInjectionInterface { /** * The CSRF token generator. * * @var \Drupal\Core\Access\CsrfTokenGenerator */ protected $tokenGenerator; /** * Constructs a new CsrfTokenController object. * * @param \Drupal\Core\Access\CsrfTokenGenerator $token_generator * The CSRF token generator. */ public function __construct(CsrfTokenGenerator $token_generator) { $this->tokenGenerator = $token_generator; } /** * {@inheritdoc} */ public static function create(ContainerInterface $container) { return new static( $container->get('csrf_token') ); } /** * Returns a CSRF protecting session token. * * @return \Symfony\Component\HttpFoundation\Response * The response object. */ public function csrfToken() { return new Response($this->tokenGenerator->get(CsrfRequestHeaderAccessCheck::TOKEN_KEY), 200, ['Content-Type' => 'text/plain']); } }