Express: Manage cookies

Use the Response.cookie() method to manipulate your cookies.

Examples:

res.cookie('username', 'Flavio')

This method accepts a third parameter, which contains various options:

res.cookie('username', 'Flavio', { domain: '.flaviocopes.com', path: '/administrator', secure: true })

res.cookie('username', 'Flavio', { expires: new Date(Date.now() + 900000), httpOnly: true })

The most useful parameters you can set are:

ValueDescription
domainThe cookie domain name
expiresSet the cookie expiration date. If missing, or 0, the cookie is a session cookie
httpOnlySet the cookie to be accessible only by the web server. See HttpOnly
maxAgeSet the expiry time relative to the current time, expressed in milliseconds
pathThe cookie path. Set to ’/’ to apply to the whole site
secureMarks the cookie HTTPS only
signedSet the cookie to be signed
sameSiteValue of SameSite

A cookie can be cleared with:

res.clearCookie('username')

Lessons in this unit:

0: Introduction
1: Introduction to Express
2: Request parameters
3: Send a response to the client
4: Send a JSON response
5: ▶︎ Manage cookies
6: Work with HTTP headers
7: Handling redirects
8: Routing
9: Template engines
10: Middleware
11: Serving Static Assets with Express
12: Send files to the client
13: Sessions
14: Validating and sanitizing input
15: Handling form data
Want to learn more? Check out our courses