Returns true if the key is in the Request.

If the cookie is signed, and the signature is invalid, false will be returned and the cookie will be set to be deleted in the response. If the cookie is using an "old" key from the keyring, the cookie will be re-signed with the current key and be added to the response to be updated.