Drupal 8  8.0.2
CSRFAccessCheck Class Reference
Inheritance diagram for CSRFAccessCheck:

Public Member Functions

 __construct (SessionConfigurationInterface $session_configuration)
 
 applies (Route $route)
 
 access (Request $request, AccountInterface $account)
 

Protected Attributes

 $sessionConfiguration
 

Detailed Description

Access protection against CSRF attacks.

Constructor & Destructor Documentation

__construct ( SessionConfigurationInterface  $session_configuration)

Constructs a new rest CSRF access check.

Parameters
\Drupal\Core\Session\SessionConfigurationInterface$session_configurationThe session configuration.

Member Function Documentation

access ( Request  $request,
AccountInterface  $account 
)

Checks access.

Parameters
\Symfony\Component\HttpFoundation\Request$requestThe request object.
\Drupal\Core\Session\AccountInterface$accountThe currently logged in account.
Returns
The access result.

References AccessResult\allowed(), Drupal\csrfToken(), AccessResult\forbidden(), and AccountInterface\isAuthenticated().

Here is the call graph for this function:

applies ( Route  $route)

{Declares whether the access check applies to a specific route or not.

Parameters
\Symfony\Component\Routing\Route$routeThe route to consider attaching to.
Returns
array An array of route requirement keys this access checker applies to.
}

Implements AccessCheckInterface.


The documentation for this class was generated from the following file: