Use the Response.cookie() method to manipulate your cookies.
Examples:
res.cookie('username', 'Flavio')
This method accepts a third parameter which contains various options:
res.cookie('username', 'Flavio', { domain: '.flaviocopes.com', path: '/administrator', secure: true })
res.cookie('username', 'Flavio', { expires: new Date(Date.now() + 900000), httpOnly: true })
The most useful parameters you can set are:
| Value | Description |
|---|---|
domain |
the cookie domain name |
expires |
set the cookie expiration date. If missing, or 0, the cookie is a session cookie |
httpOnly |
set the cookie to be accessible only by the web server. See HttpOnly |
maxAge |
set the expiry time relative to the current time, expressed in milliseconds |
path |
the cookie path. Defaults to / |
secure |
Marks the cookie HTTPS only |
signed |
set the cookie to be signed |
sameSite |
Value of SameSite |
A cookie can be cleared with
res.clearCookie('username')