Initial commit

app/Core/Csrf.php

@@ -0,0 +1,17 @@
+<?php
+namespace App\Core;
+
+class Csrf {
+    public static function generate() {
+        Session::start();
+        if (empty($_SESSION['csrf_token'])) {
+            $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+        }
+        return $_SESSION['csrf_token'];
+    }
+
+    public static function verify($token) {
+        Session::start();
+        return hash_equals($_SESSION['csrf_token'] ?? '', $token);
+    }
+}