protected function verifyToken($storedToken, $requestToken) { if ($storedToken != $requestToken) { throw new TokenMismatchException(); } }