# File lib/ramaze/helper/csrf.rb, line 188
      def validate_csrf_token(input_token)
        # Check if the CSRF data has been generated and generate it if this
        # hasn't been done already (usually on the first request).
        if !session[:_csrf] or session[:_csrf].empty?
          self.generate_csrf_token
        end

        _csrf = session[:_csrf]

        # Mirror mirror on the wall, who's the most secure of them all?
        session[:_csrf][:token] == input_token &&
          (Time.now.to_f - _csrf[:time]) <= _csrf[:ttl] &&
          _csrf[:host] == request.env['REMOTE_HOST'] &&
          _csrf[:ip] == request.env['REMOTE_ADDR'] &&
          _csrf[:agent] == request.env['HTTP_USER_AGENT']
      end