HTML::FormFu::Element::RequestToken - Hidden text field which contains a unique token
my $e = $form->element( { type => 'Token' } ); my $p = $form->element( { plugin => 'Token' } );
This field can prevent CSRF attacks. It contains a random token. After submission the token is checked with the token which is stored in the session of the current user. See "USING TOKENS" in Catalyst::Controller::HTML::FormFu for a convenient way how to use it.
Value of the stash key for the Catalyst context object ($c). Defaults to context.
$c
context
Time to life for a token in seconds. Defaults to 3600.
3600
Session key which is used to store the tokens. Defaults to __token.
__token
This method looks in the session for expired tokens and removes them.
Generates a new token and stores it in the stash.
Removes a specific token from the session. Returns 1 if the key was found. 0 otherwise.
1
0
Checks whether a given token is already in the session. If it exists it is removed and verify_token returns 1. 0 otherwise.
verify_token
Catalyst::Controller::HTML::FormFu, HTML::FormFu::Plugin::RequestToken, HTML::FormFu::Constraint::RequestToken
HTML::FormFu
Moritz Onken, onken@houseofdesign.de
onken@houseofdesign.de
This library is free software, you can redistribute it and/or modify it under the same terms as Perl itself.
To install Catalyst::Controller::HTML::FormFu, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Catalyst::Controller::HTML::FormFu
CPAN shell
perl -MCPAN -e shell install Catalyst::Controller::HTML::FormFu
For more information on module installation, please visit the detailed CPAN module installation guide.