The key used to store the token on the session, as well as the parameter of the request.
Returns the token from the session.
Take an action when a forgery is detected.
Tests whether a request with a unsafe method is a potential cross-site forgery.
true if the request is an unsafe method (POST, PUT, DELETE, TRACE,
CONNECT, PATCH) and the request parameter at
csrfKey does not match
the session key of the same name.
Prepares a CSRF token.