Use the Response.cookie() method to manipulate your cookies.
Examples:
res.cookie('username', 'Flavio')
This method accepts a third parameter, which contains various options:
res.cookie('username', 'Flavio', { domain: '.flaviocopes.com', path: '/administrator', secure: true })
res.cookie('username', 'Flavio', { expires: new Date(Date.now() + 900000), httpOnly: true })
The most useful parameters you can set are:
| Value | Description |
|---|---|
domain |
The cookie domain name |
expires |
Set the cookie expiration date. If missing, or 0, the cookie is a session cookie |
httpOnly |
Set the cookie to be accessible only by the web server. See HttpOnly |
maxAge |
Set the expiry time relative to the current time, expressed in milliseconds |
path |
The cookie path. Defaults to ‘/’ |
secure |
Marks the cookie HTTPS only |
signed |
Set the cookie to be signed |
sameSite |
Value of SameSite |
A cookie can be cleared with:
res.clearCookie('username')
Download my free Express.js book!
