What are best practices for generating secure tokens in PHP?

Generating secure tokens in PHP involves using a cryptographically secure random number generator to create unique tokens that are difficult to predict or manipulate. One common method is to use the random_bytes() function to generate a random string of bytes and then encode it in a format such as base64 to create a token that can be easily stored and transmitted securely.

$token = base64_encode(random_bytes(32));