Csrf 1.0.1

CHANGELOG.md

@@ -1,3 +1,7 @@
+<a name="1.0.1"></a>
+# [1.0.1](https://github.com/atomastic/csrf) (2021-02-09)
+* fix issue with token generation
+
 <a name="1.0.0"></a>
 # [1.0.0](https://github.com/atomastic/csrf) (2021-02-08)
 * Initial release

src/Csrf.php

@@ -38,8 +38,8 @@ class Csrf
      * @throws CsrfException
      */
     public function __construct(
-        string $tokenNamePrefix = '__csrf_name',
-        string $tokenValuePrefix = '__csrf_value',
+        string $tokenNamePrefix = '__csrf_token',
+        string $tokenValuePrefix = '',
         int $strength = 32
     ) {
         if ($strength < 32) {
@@ -53,14 +53,14 @@ public function __construct(
             );
         }
 
-        $this->tokenName  = $tokenNamePrefix . $this->getRandomValue($strength);
-        $this->tokenValue = $tokenValuePrefix . $this->getRandomValue($strength);
+        $this->tokenName = $tokenNamePrefix;
 
-        if (array_key_exists($this->tokenName, $_SESSION)) {
-            return;
+        if (isset($_SESSION[$this->tokenName])) {
+            $this->tokenValue = $_SESSION[$this->tokenName];
+        } else {
+            $this->tokenValue = $tokenValuePrefix . $this->getRandomValue($strength);
+            $_SESSION[$this->tokenName] = $this->tokenValue;
         }
-
-        $_SESSION[$this->tokenName] = $this->tokenValue;
     }
 
     /**