Missing CSRF token in session

问题

I am creating the application which can fetch the files and folder from the dropbox and will show in the web page.I have the below code.

$appInfo=new Dropbox\AppInfo($dropboxKey,$dropboxSecret);
//store CSRF token
$csrfTokenStore = new Dropbox\ArrayEntryStore($_SESSION,'dropbox-auth-csrf-token');
$webAuth = new Dropbox\WebAuth($appInfo,$appName,'path',$csrfTokenStore);

when i execute the code i got the below error:

Fatal error: Uncaught exception 'Dropbox\WebAuthException_BadState' with message 'Missing CSRF token in session.

回答1:

The problem is happening because of there is no dropbox-auth-csrf-token value in the session.When you check the ArrayEntryStore files you get to know there are function like get(),set(),clear().Here clear function will unset the csrf token.

What you have to do is you need to store the csrf token value in database and when same user comes to need to fetch the value and pass it into the ArrayEntryStore else do the same.

来源：https://stackoverflow.com/questions/44590917/missing-csrf-token-in-session