diff --git a/src/RaspAP/Tokens/CSRFTokenizer.php b/src/RaspAP/Tokens/CSRFTokenizer.php
index 9be05683..51603867 100644
--- a/src/RaspAP/Tokens/CSRFTokenizer.php
+++ b/src/RaspAP/Tokens/CSRFTokenizer.php
@@ -19,6 +19,12 @@ class CSRFTokenizer {
 public function __construct() {
 $this->ensureSession();
+
+ // ensure a CSRF token exists in the session
+ if (empty($_SESSION['csrf_token'])) {
+ $this->ensureCSRFSessionToken;
+ }
+
 if ($this->csrfValidateRequest() && !$this->CSRFValidate($_SESSION['csrf_token'])) {
 $this->handleInvalidCSRFToken();
 }
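Review bot: The added line `$this->ensureCSRFSessionToken;` has no call parentheses, so PHP evaluates it as a read of an undefined property and the method of that name (presumably defined elsewhere in the class) never runs. The session token therefore stays empty, and the validation below passes an unset `$_SESSION['csrf_token']` to `CSRFValidate()` on the very requests this guard is meant to protect. Change the line to `$this->ensureCSRFSessionToken();`. It is also worth confirming, outside this hunk, that `CSRFValidate()` rejects a null or empty session token and compares with `hash_equals()`, so that an empty submitted token can never match an empty stored one. The constructor's closing brace lies outside the hunk.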