
Laravel - XSRF-TOKEN cookie as httpOnly

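Override addCookieToResponse() in App\Http\Middleware\VerifyCsrfToken.php so that the XSRF-TOKEN cookie takes its HttpOnly flag from the session configuration: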

// Import goes with the other `use` lines at the top of
// App\Http\Middleware\VerifyCsrfToken.php; the method below goes inside the class.
use Symfony\Component\HttpFoundation\Cookie;

/**
 * Attach the XSRF-TOKEN cookie to the outgoing response.
 *
 * The cookie value is the session's CSRF token (not the session identifier).
 * Lifetime, path, domain, Secure, HttpOnly and SameSite are all read from the
 * `session` config array, so HttpOnly follows `session.http_only` rather than
 * being hard-coded.
 *
 * Security notes for whoever adopts this override:
 *  - The framework's stock method sends this cookie without HttpOnly so that
 *    browser-side HTTP clients can read it and echo the value back in the
 *    X-XSRF-TOKEN request header. With HttpOnly set, script can no longer read
 *    the cookie; pages that relied on it must get the token another way
 *    (e.g. a csrf-token meta tag or a hidden form field) or their
 *    state-changing requests will fail CSRF verification.
 *  - HttpOnly here is hardening for cookie-flag audits. It does not make the
 *    token secret from script running in the page when the same token is also
 *    rendered into the HTML, so it is no substitute for output encoding.
 *  - If nothing client-side needs the cookie, newer Laravel releases also have
 *    an `$addHttpCookie` property on this middleware that stops it being sent
 *    at all (verify against the installed framework version).
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Symfony\Component\HttpFoundation\Response  $response
 *
 * @return \Symfony\Component\HttpFoundation\Response
 */
protected function addCookieToResponse($request, $response)
{
    $session = config('session');

    $xsrfCookie = new Cookie(
        'XSRF-TOKEN',
        $request->session()->token(),
        // Session lifetime is multiplied by 60 before being turned into an expiry.
        $this->availableAt(60 * $session['lifetime']),
        $session['path'],
        $session['domain'],
        $session['secure'],
        $session['http_only'],          // httpOnly: taken from config instead of a literal
        false,                          // raw: let the cookie value be URL-encoded
        $session['same_site'] ?? null   // sameSite: null when the key is absent
    );

    $response->headers->setCookie($xsrfCookie);

    return $response;
}