Can't set cookie 'expires' or 'maxAge' in Node.js using Express 3.0

Question

I've been trying to set my cookie's expiry date in Node.js using Express 3.0, but nothing is working.

My first attempt:

res.cookie('user', user, { maxAge: 9000, httpOnly: true });

Just ends in a cookie that has an invalid expiry time according to Chrome. Then I tried to set 'expires' instead, like so:

res.cookie('user', user, { expires: new Date(new Date().getTime()+5*60*1000), httpOnly: true });

And now my cookie is just a session cookie.

Does anyone know how to fix this?

Thanks for asking this question. your question along with this link brought me to a solution i was looking for: stackoverflow.com/questions/16209145/… — jmunsch
– jmunsch, Commented Mar 9, 2016 at 20:13

Varun Kumar · Accepted Answer · 2017-09-03 18:23:56Z

60

Do note that maxAge is in milliseconds-

res.cookie('jwtToken', token, { maxAge: 2 * 60 * 60 * 1000, httpOnly: true }); // maxAge: 2 hours

answered Sep 3, 2017 at 18:23

Varun Kumar

2,7711 gold badge26 silver badges23 bronze badges

Sign up to request clarification or add additional context in comments.

4 Comments

lucke84 Over a year ago

Upvote for the comment on maxAge being in millisecs!

Someone Special Over a year ago

probably the most important answer.

robm Over a year ago

I was trying to use a short-lived cookie during development (120s), and got errors about 'Cookie “<cookieName>” has been rejected because it is already expired.' I was actually setting the maxAge to 120ms, which had expired by the time the page loaded. This wasn't easy to find searching, since Express uses ms, but browsers implement RFC 6265 that uses seconds; it's somewhat unexpected that Express does the conversion instead of just passing the value through.

olejorgenb Over a year ago

A strange decision to make it milliseconds considering the standard is seconds.. I'm guessing that decision has cost countless hours.

asgoth · Accepted Answer · 2013-12-19 09:56:48Z

12

You have to use req.session.cookie:

req.session.cookie.expires = false;

req.session.cookie.maxAge = 5 * 60 * 1000;

1 Comment

Jelle De Loecker Over a year ago

Turns out: it was actually working. Chrome just says the time format is wrong, but it still honours it.

Spork · Accepted Answer · 2013-12-19 14:36:45Z

8

The accepted answer doesn't work for me.. but the original question has the version that does work. For example

var language = 'en';
//10 * 365 * 24 * 60 * 60 * 1000 === 315360000000, or 10 years in milliseconds
var expiryDate = new Date(Number(new Date()) + 315360000000); 
this.__res.cookie('lang', language, { expires: expiryDate, httpOnly: true });

answered Dec 19, 2013 at 14:36

Spork

1,6311 gold badge23 silver badges39 bronze badges

Comments

lejlun · Accepted Answer · 2021-08-09 03:02:30Z

3

res.cookie('cookieName', jsonObject, { expires: new Date(Date.now() + (30*24*3600000)) }); /*set 1month,

If you face any issue related to cookie expire initialization, then debug your-self, I had to debug myself and fixed it as follows:

Insert the initialized time into a new variable

var expiryDate = new Date(Date.now() + (60*24*3600000));
console.log(expiryDate);

if it's display as aspected, then look into cookieParser npm v

edited Aug 9, 2021 at 3:02

lejlun

4,4312 gold badges18 silver badges31 bronze badges

answered Aug 8, 2021 at 17:33

Saheb Das

412 bronze badges

Collectives™ on Stack Overflow

Can't set cookie 'expires' or 'maxAge' in Node.js using Express 3.0

4 Answers 4

4 Comments

1 Comment

Comments

Comments

Linked

Hot Network Questions

Collectives™ on Stack Overflow

4 Answers 4

4 Comments

1 Comment

Comments

Comments

Linked

Related