#Overwriting 2 server-side cookies at the same time results in the same max-age

5 messages · Page 1 of 1 (latest)

dim bison
#

Hi I am using Pages and updating refresh and session token on the server with httpOnly = true flag. However when I do that 1st time the cookies Max-Age is correct (1st cookie is valid for 1 hour, another for 90 days). But if I do it again it results in both Max-Age to result in 90 days. Anyone got an idea why?

# 
const options = {
            maxAge: SERVER_SIDE_SESSION_COOKIE_EXPIRATION, // 1 hour
            httpOnly: true,
            secure: true,
            sameSite: 'strict' as const,
            path: '/'
        };

        const refreshTokenOption = {
            maxAge: SERVER_SIDE_REFRESH_TOKEN_COOKIE_EXPIRATION, // 90 days
            httpOnly: true,
            secure: true,
            sameSite: 'strict' as const,
            path: '/'
        };

        cookies.set(SESSION_COOKIE_NAME, sessionCookie, options);
        cookies.set(REFRESH_TOKEN_COOKIE_NAME, refreshToken, refreshTokenOption);
#

It works as expected during pnpm run dev.

#

First time setting cookie. 3 February and 2 May

image.png
#

Consequent times setting cookie. results in same 2 May

image.png