I have the need to have an application I’m writing in C++ to POST data to a public website, to be inserted into a db. I’m interested in figuring out how to keep “bad Actors” from send data to my site. Everything I have seen about the CSRF token requires that I generate the it from the site server, and usually in connection with a form.
In my app, I want to just send a POST to the site server, but I’m not sure how to use a randomly generated token from one computer and verify it on an other computer. I was also thinking about checking the IP of the $REQUEST, but the App could be moved. So it “might” not be the one IP at any given time. The website is written in straight PHP, not Yii.
Can anyone help with ideas of how I can make sure that the data I’m sending is added and nothing from anybody else?