Class XsrfTokenManager


public final class XsrfTokenManager extends Object
Helper class for generating and validate XSRF tokens.
  • Field Details


      public static final String X_CSRF_TOKEN
      HTTP header or cookie name used for transmitting XSRF tokens.
      See Also:

      public static final String P_CSRF_TOKEN
      POST parameter used for transmitting XSRF tokens.
      See Also:
  • Constructor Details

    • XsrfTokenManager

      @Inject public XsrfTokenManager(Clock clock, userService)
  • Method Details

    • generateToken

      public String generateToken(String email)
      Generates an XSRF token for a given user based on email address.
    • validateToken

      public boolean validateToken(String token)
      Validates an XSRF token against the current logged-in user.