The token system is a type of two factor authentication system for forms. When a form is generated on screen a token is generated and stored in a session variable. It is then sent in via post with the rest of the form.
Token::check makes sure those 2 tokens match. If they do not, it is assumed that some sort of manipulation happened with the form.