Magento 2 - What's the purpose of Formkey Validator?

magento.stackexchange https://magento.stackexchange.com/questions/249455

  •  06-02-2021
  •  | 
  •  

Question

I want to know what does the formkey validator do : Magento\Framework\Data\Form\FormKey\Validator

Was it helpful?

Solution

Simply and in order :

  1. Magento/Framework/Data/Form/FormKey::getFormKey() : generate a formkey.

  2. Magento/Framework/Data/Form/FormKey/Validator::validate() validate that formkey.

Exemple : vendor/magento/module-customer/Controller/Account::LoginPost.php

public function execute()
{
    if ($this->session->isLoggedIn() || !$this->formKeyValidator->validate($this->getRequest())) {
        ...
        return $resultRedirect;
    }

Here magento check : if a user is already logged in $this->session->isLoggedIn() or a formkey request is not valide !$this->formKeyValidator->validate($this->getRequest()), it returns and redirects to the previous page.

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange
scroll top