#Deleting cookies

1 messages · Page 1 of 1 (latest)

drowsy rainBOT
#

Hi @plucky jetty. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

#

Based on the information provided in the extracts, it seems like you're correctly using the delete method from the cookies object to delete the cookie named "token". However, it's important to note that the delete method only marks the cookie as expired, it doesn't immediately remove it from the cookies object. This is why you're still seeing the "token" cookie when you log all the cookies immediately after deleting it.

Here's the relevant extract from the Next.js documentation (https://nextjs.org/docs/messages/middleware-upgrade-guide):

// deleting a cookie will mark it as expired
response.cookies.delete('vercel')

So, the "token" cookie should be effectively deleted when the response is sent back to the client and the client processes the Set-Cookie header.

If you want to confirm that the "token" cookie is deleted, you could check it in the subsequent request from the client. If the client doesn't send the "token" cookie in the next request, it means the cookie was successfully deleted.

If the "token" cookie is still being sent by the client in the subsequent requests, it could be due to some client-side JavaScript that is setting the cookie again, or the cookie could be set on a different path or domain that the server doesn't have access to delete. In this case, you might need to debug your client-side code or check your cookie settings.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:

#

@plucky jetty kapa.ai is still learning and improving, please let us know how it did by reacting below

plucky jetty
#

@drowsy rain so the token is expired yes, but how can I remove it from the cookies. What code should I implement and where - in the logout route or in the frontend code

drowsy rainBOT
#

Let me check the knowledge base for you. One moment! :books:

#

When you call response.cookies.delete('token'), it sets the Set-Cookie header in the response to expire the "token" cookie. This tells the client's browser to delete the cookie. However, this doesn't immediately remove the cookie from the cookies object in your server-side code.

If you want to remove the "token" cookie from the cookies object immediately after deleting it, you could create a new cookies object without the "token" cookie. However, this is generally not necessary because the cookies object is created anew for each request, and the "token" cookie won't be in the cookies object in the next request if it was successfully deleted.

Here's an example of how you could create a new cookies object without the "token" cookie:

// get all cookies
const allCookies = cookies().getAll()

// create a new cookies object without the "token" cookie
const newCookies = Object.keys(allCookies)
  .filter(cookieName => cookieName !== 'token')
  .reduce((obj, key) => {
    obj[key] = allCookies[key]
    return obj
  }, {})

// log the new cookies object
console.log(newCookies)

But again, this is generally not necessary because the "token" cookie won't be in the cookies object in the next request if it was successfully deleted.

If the "token" cookie is still being sent by the client in the subsequent requests, it could be due to some client-side JavaScript that is setting the cookie again, or the cookie could be set on a different path or domain that the server doesn't have access to delete. In this case, you might need to debug your client-side code or check your cookie settings.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: