从文档中我看到它是在控制器中完成的:
https://symfony.com/doc/current/security/csrf.html
public function delete(Request $request)
{
$submittedToken = $request->request->get('token');
// 'delete-item' is the same value used in the template to generate the token
if ($this->isCsrfTokenValid('delete-item', $submittedToken)) {
// ... do something, like deleting an object
}
}
但是当考虑使用超薄控制器时,我试图从控制器中解脱出来。所以我打算将它添加到服务中。我在想什么?