From f9ea5430bbe25511dcccd7e0d5f4a31f951f329c Mon Sep 17 00:00:00 2001
From: Will Rossiter <will.rossiter@gmail.com>
Date: Sun, 1 Jul 2012 20:53:58 +1200
Subject: [PATCH] API: add SecurityToken::reset() as a shortcut for
 regenerating a secure token.

See http://open.silverstripe.org/ticket/6303
---
 security/SecurityToken.php           | 12 +++++++++---
 tests/security/SecurityTokenTest.php |  8 ++++++++
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/security/SecurityToken.php b/security/SecurityToken.php
index d3afbbf55..d8d71d492 100644
--- a/security/SecurityToken.php
+++ b/security/SecurityToken.php
@@ -147,6 +147,13 @@ class SecurityToken extends Object implements TemplateGlobalProvider {
 		Session::set($this->getName(), $val);
 	}
 	
+	/**
+	 * Reset the token to a new value.
+	 */
+	public function reset() {
+		$this->setValue($this->generate());
+	}
+	
 	/**
 	 * Checks for an existing CSRF token in the current users session.
 	 * This check is automatically performed in {@link Form->httpSubmission()}
@@ -291,6 +298,5 @@ class NullSecurityToken extends SecurityToken {
 	 */
 	function generate() {
 		return null;
-	}
-	
-}
+	}	
+}
\ No newline at end of file
diff --git a/tests/security/SecurityTokenTest.php b/tests/security/SecurityTokenTest.php
index 7874bf10b..3b1cb43ec 100644
--- a/tests/security/SecurityTokenTest.php
+++ b/tests/security/SecurityTokenTest.php
@@ -65,6 +65,14 @@ class SecurityTokenTest extends SapphireTest {
 		$t->setValue('mytoken');
 		$this->assertTrue($t->check('mytoken'), 'Valid token returns true');
 	}
+
+	function testReset() {
+		$t = new SecurityToken();
+		$initialValue = $t->getValue();
+		$t->reset(); 
+
+		$this->assertNotEquals($t->getValue(), $initialValue);
+	}
 	
 	function testCheckRequest() {
 		$t = new SecurityToken();