From cb387b2717382d934a27eaeb6f956a3640034c95 Mon Sep 17 00:00:00 2001
From: Rob Allen
Date: Sat, 8 Jun 2024 19:18:22 +0100
Subject: [PATCH 1/2] Increase uniqid entropy

While we don't have that many tokens in play at any one time, this will increase the likelihood that the tokens are unique.
---
 src/Guard.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Guard.php b/src/Guard.php
index 681ff91..cee97fb 100644
--- a/src/Guard.php
+++ b/src/Guard.php
@@ -215,7 +215,7 @@ protected function createToken(): string
 public function generateToken(): array
 {
 // Generate new CSRF token
- $name = uniqid($this->prefix);
+ $name = uniqid($this->prefix, true);
 $value = $this->createToken();
 $this->saveTokenToStorage($name, $value);

From 163f301c84c0b4a159cddec9bbc2b18bac1d8ab5 Mon Sep 17 00:00:00 2001
From: Rob Allen
Date: Sat, 8 Jun 2024 19:24:43 +0100
Subject: [PATCH 2/2] Update Changelog

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5413163..7ff596d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,8 @@ See https://github.com/slimphp/Slim-Csrf/releases for a full list
 underscore. This should not affect anyone who uses the relvant methods, but if you have hard-coded, then they will need to be updated.
+- Changed: Increased likelihood that tokens are unique.
+
 ## 1.5.0
 - Added: Support for PHP 8.2 and 8.3
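Review bot: In src/Guard.php, `uniqid($this->prefix, true)` in `generateToken()` still derives the token name from the current time plus a short pseudo-random suffix, and PHP documents `uniqid()` as unsuitable for security purposes. The name is therefore less likely to collide but remains guessable, which is acceptable only while the CSRF guarantee rests entirely on `$value` from `createToken()`, whose body is outside this hunk. If uniqueness should not depend on the clock, `$name = $this->prefix . bin2hex(random_bytes(8));` gets it from the CSPRNG instead. It is also worth a comment on this line that with `more_entropy` the generated part grows from 13 to 23 characters and contains a `.`, so any storage or validation that assumes the old name shape needs to accept the new one. `generateToken()` continues past the end of the hunk.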