protected function _setCookie(Request $request, Response $response)
{
$expiry = new Time($this->_config['expiry']);
$value = hash('sha512', Security::randomBytes(16), false);
$request->params['_csrfToken'] = $value;
$response->cookie(['name' => $this->_config['cookieName'], 'value' => $value, 'expire' => $expiry->format('U'), 'path' => $request->webroot, 'secure' => $this->_config['secure'], 'httpOnly' => $this->_config['httpOnly']]);
}