# File lib/ramaze/helper/csrf.rb, line 123 def generate_csrf_token(args = {}) # Default TTL is 15 minutes ttl = args[:ttl] || (15 * 60) # Get some good entropy random = SecureRandom.random_bytes(512) # and some not so good entropy time = Time.now.to_f # Hash it together token = Digest::SHA512.hexdigest(random + time.to_s) # Time to store all the data we want to check later. session[:_csrf] = { :time => time.to_i, :token => token, :ip => request.env['REMOTE_ADDR'], :agent => request.env['HTTP_USER_AGENT'], :host => request.env['REMOTE_HOST'], :ttl => ttl } # Prevent this method from returning any value (it isn't needed anyway) return end