# File lib/ramaze/helper/csrf.rb, line 175
      def validate_csrf_token(input_token)
        # Check if the CSRF data has been generated and generate it if this
        # hasn't been done already (usually on the first request).
        if !session[:_csrf] or session[:_csrf].empty?
          self.generate_csrf_token
        end

        _csrf = session[:_csrf]

        valid = session[:_csrf][:token] == input_token &&
          (Time.now.to_f - _csrf[:time]) <= _csrf[:ttl] &&
          _csrf[:host]  == request.host &&
          _csrf[:ip]    == request.ip &&
          _csrf[:agent] == request.env['HTTP_USER_AGENT']

        if valid
          generate_csrf_token
          return true
        else
          return false
        end
      end