document old way of checking validity of CSRF token

book/controller.rst

@@ -786,6 +786,20 @@ Just like when creating a controller for a route, the order of the arguments of
 order of the arguments, Symfony will still pass the correct value to each
 variable.
 
+Checking the Validity of a CSRF Token
+-------------------------------------
+
+Sometimes you want to use CSRF protection in an action where you don't want to use a
+Symfony form.
+
+If, for example, you're doing a DELETE action, you can use the
+:method:`Symfony\\Component\\Form\\Extension\\Csrf\\CsrfProvider\\CsrfProviderAdapter::isTokenValid`
+method to check the CSRF token::
+
+    use Symfony\Component\Security\Csrf\CsrfToken;
+
+    $this->get('security.csrf.token_manager')->isTokenValid(new CsrfToken('token_id', 'TOKEN'));
+
 Final Thoughts
 --------------