CSRF protection for faye pub/sub

I am trying to implement Csrf_protection for faye pub/sub chat app (tutorial is here: http://faye.jcoglan.com/security/csrf.html)

class CsrfProtection

def incoming(message, request, callback)
session_token = request.session[’_csrf_token’]
message_token = message[‘ext’] && message[‘ext’].delete(‘csrfToken’)
byebug
unless session_token == message_token
message[‘error’] = ‘401::Access denied’
end

callback.call(message)
end
end

``

The idea is that