From 48e492bf10223d9062544a168735518121494319 Mon Sep 17 00:00:00 2001
From: billz <billzimmerman@gmail.com>
Date: Tue, 25 Mar 2025 06:49:18 -0700
Subject: [PATCH] Ensure a CSRF token exists in session

---
 src/RaspAP/Tokens/CSRFTokenizer.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/RaspAP/Tokens/CSRFTokenizer.php b/src/RaspAP/Tokens/CSRFTokenizer.php
index 9be05683..51603867 100644
--- a/src/RaspAP/Tokens/CSRFTokenizer.php
+++ b/src/RaspAP/Tokens/CSRFTokenizer.php
@@ -19,6 +19,12 @@ class CSRFTokenizer {
     public function __construct()
     {
         $this->ensureSession();
+
+        // ensure a CSRF token exists in the session
+        if (empty($_SESSION['csrf_token'])) {
+            $this->ensureCSRFSessionToken;
+        }
+
         if ($this->csrfValidateRequest() && !$this->CSRFValidate($_SESSION['csrf_token'])) {
             $this->handleInvalidCSRFToken();
         }