Hi,

I would like to know how to secure sensitive uri like "domain.name/user/delete/?id=28" I firstly thought I could use Phalcon\Security token generation and adding it to uris like this : ```php class Url extends \Phalcon\Mvc\Url { public function get($uri = null, $args = null){ $uri = parent::get($uri, $args); if(strpos($uri, '?') !== false){ $uri .= '&'; } else { $uri .= '?'; } return $uri .= 'token=' . $this->getDI()->getShared('security')->getToken(32); } } ```

Then, in my controllers checking it like this : ```php $this->security->checkToken('token', $this->request->getQuery('token')) ``` But this doesn't seem to work, it returns false. I also tried to use getSessionToken but both are different.

Can anyone help me ?

Thanks ;)

EDIT : I even try to create the token like this : ```php $this->getDI()->getShared('security')->getTokenKey() . '=' . $this->getDI()->getShared('security')->getToken(32) ``` But it doesn't work either.