/**
* Set the cookie in the response.
*
* Also sets the request->params['_csrfToken'] so the newly minted
* token is available in the request data.
*
* @param \Cake\Network\Request $request The request object.
* @param \Cake\Network\Response $response The response object.
* @return void
*/
protected function _setCookie(Request $request, Response $response)
{
$expiry = new Time($this->_config['expiry']);
$value = hash('sha512', Security::randomBytes(16), false);
$request->params['_csrfToken'] = $value;
$response->cookie(['name' => $this->_config['cookieName'], 'value' => $value, 'expire' => $expiry->format('U'), 'path' => $request->webroot, 'secure' => $this->_config['secure'], 'httpOnly' => $this->_config['httpOnly']]);
}