/** * Verify cookie signature and return value. * * @param mixed $key * @param mixed $value * @return mixed */ protected function verify($key, $value) { if (strpos($value, static::DELIMITER) !== false) { list($hashed, $value) = explode(static::DELIMITER, $value, 2); // return cookie value if signature is valid if ($this->app->hashedCompare($this->hashing($key, $value), $hashed)) { return $value; } } // remove the tempered cookie if not valid $this->remove($key); return null; }