application/config/csrf.php

   1 <?php defined('SYSPATH') OR die('No direct access allowed.');
   2
   3 /**
   4  * Check if we always should use CSRF tokens to secure forms
   5  */
   6 $config['active'] = true;
   7
   8 /**
   9  * Session key to hold CSRF token
  10  */
  11 $config['csrf_token'] = 'csrf_token';
  12
  13 /**
  14  * token generation timestamp
  15  */
  16 $config['csrf_timestamp'] = 'csrf_timestamp';
  17
  18 /**
  19  * csrf token lifetime in seconds
  20  * For how long to we trust the csrf token?
  21  */
  22 $config['csrf_lifetime']  = 5400;