rafalmasiarek / csrf-token
Encrypted CSRF token library with fingerprint and caching (file, MySQL, Redis)
dev-main
2025-07-10 21:23 UTC
Requires
- php: >=7.4
This package is auto-updated.
Last update: 2025-07-10 21:26:56 UTC
README
A secure, stateless CSRF protection system using encrypted fingerprints containing:
- CSRF token
- Client IP
- User-Agent
- Timestamp (
iat
)
Encrypted with AES-256-GCM and compatible with caching layers.
Features
- Stateless CSRF token with embedded fingerprint
- AES-256-GCM encryption with IV and tag
iat
timestamp support (TTL)- Optional caching (file, MySQL, Redis)
- Read-only cache support
- Garbage collector for file cache
Usage
See examples/
for usage examples.
Garbage Collection (File Cache)
php bin/garbage_collector.php
License
MIT