Session is always empty #107
Description
Hi.
I am using this Slim\Extras\Middleware\CsrfGuard.php
But I always get this error. Invalid or missing CSRF token.
if (! isset($_SESSION[$this->key])) {
$_SESSION[$this->key] = sha1(serialize($_SERVER) . rand(0, 0xffffffff));
}
$token = $_SESSION[$this->key];
$userToken = $this->app->request()->post($this->key);
if (isset($userToken) && $token !== $userToken) {
$this->app->halt(400, 'Invalid or missing CSRF token.');
}
I have checked slim csrf_token so I can get successfully but I always go into in this condition.
if (! isset($_SESSION[$this->key]))
Session is always empty I think.
How can I fix this?
I will appreciate any other's help.