Diffstat (limited to 'src/security.rs')
-rw-r--r-- | src/security.rs | 26 |
1 files changed, 4 insertions, 22 deletions
diff --git a/src/security.rs b/src/security.rs
index c12a97f..5247d9e 100644
--- a/src/security.rs
+++ b/src/security.rs
@@ -1,18 +1,14 @@
 //! [`CsrfToken`], [`Key`] and functions to encode & decode expiring claims.
-use rand::{Rng, distributions::Alphanumeric};
-use ::cookie::Cookie;
-use time::{Duration, OffsetDateTime};
+use time::OffsetDateTime;
 use thiserror::Error;
 pub use crate::signed::Key;
-use crate::{request::Parts, response::Response};
-
-/// A cookie-based CSRF token to be used with [`crate::request::Body::into_form_csrf`].
+/// A cookie-based CSRF token to be used with [`crate::request::SputnikBody::into_form_csrf`].
 pub struct CsrfToken {
- token: String,
- from_client: bool,
+ pub(crate) token: String,
+ pub(crate) from_client: bool,
 }
 #[derive(Error, Debug)]
@@ -25,20 +21,6 @@ pub enum CsrfError {
 }
 impl CsrfToken {
- /// Retrieves the CSRF token from a `csrf` cookie or generates
- /// a new token and stores it as a cookie if it doesn't exist.
- pub fn from_parts(request: &mut Parts, response: &mut Response) -> Self {
- if let Some(cookie) = request.cookies().get("csrf") {
- return CsrfToken{token: cookie.value().to_string(), from_client: true}
- }
- let val: String = rand::thread_rng().sample_iter(Alphanumeric).take(16).collect();
- let mut c = Cookie::new("csrf", val.clone());
- c.set_secure(Some(true));
- c.set_max_age(Some(Duration::hours(1)));
- response.set_cookie(c);
- CsrfToken{token: val, from_client: false}
- }
-
 /// Wraps the token in a hidden HTML input.
 pub fn html_input(&self) -> String {
 format!("<input name=csrf type=hidden value=\"{}\">", self.token) |
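Review bot: The `token` and `from_client` fields in the first hunk become `pub(crate)` without doc comments, so what `from_parts` used to guarantee in this module (a generated token is 16 alphanumeric characters, a cookie-supplied one is copied verbatim) now rests on whichever crate code builds `CsrfToken`, which this diff does not show. That matters because `html_input`, visible as context in the second hunk, interpolates `self.token` into `value=\"{}\"` without escaping, and a token with `from_client: true` is client-controlled cookie data. I would document the fields, e.g. `/// Token value; unvalidated cookie data when from_client is true.`, and have the relocated constructor accept a cookie value only if `value.chars().all(|c| c.is_ascii_alphanumeric())`, generating a fresh token otherwise. The struct's construction site is presumably elsewhere in the crate, so the check should be confirmed there.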