Does framework handle it on behalf of user-programmer, or should I handle it myself ?
Is it transmitted to client side as is, not at all, or used cryptographically in transmited values, and how if so ?
Should it be stored at server side ? In session ? In user database record ?
Or should it be generated cryptographically every time ? From site-wide or per-user secret ?
P.S. How to contact moderators and what is procedure for obtaining Yii2 section write access ?