cookies->get(self::COOKIE_NAME); if (is_string($clientId) && $clientId !== '') { return $clientId; } $clientId = Uuid::v4()->toRfc4122(); $response->headers->setCookie( new Cookie( name: self::COOKIE_NAME, value: $clientId, expire: strtotime('+1 year'), path: '/', secure: false, // set true in production with HTTPS httpOnly: true, sameSite: Cookie::SAMESITE_LAX ) ); return $clientId; } }