node express, how to clear cookie after log out
Andrew Henderson
Basically I'm doing a redirect from a.example.com to and I expect to be able to delete cookies on (because the cookie is created with .example.com as the cookie domain), but the following code doesn't work.
I know that this question seems like a duplicate question; I tried everything from similar questions but it doesn't work. See after the code what I already tried.
Using express 3.0.3 and node 0.10.32.
express session middleware

    ...
    var cookiedata = {
        domain : '.example.com',
        originalMaxAge : null,
        httpOnly : false
    };
    app.use(express.session({
        store : ...,
        secret : ...,
        key : 'express.sid',
        cookie : cookiedata
    }));
    ...

logout function

    function logout(req, res){
        ...
        req.session.destroy(function(){
            req.session = null;
            res.clearCookie('express.sid', { path: '/' });
            res.redirect(');
        });
    }

What I already tried from similar questions
So I put path : '/' in the express session middleware, such as:

    app.use(express.session({ ..., path : '/' }));

No success.
Instead of res.clearCookie I used:

    res.cookie('express.sid', '', {expires: new Date(1), path: '/' });

No success.
13 Answers
This is response.clearCookie of Express.JS (file response.js at line 749).

    var opts = merge({ expires: new Date(1), path: '/' }, options);
    return this.cookie(name, '', opts);

If you set a breakpoint at this line you will see expires is reported as an invalid date. So instead of using response.clearCookie, just make it expire immediately like this one.

    response.cookie("express.sid", "", { expires: new Date() });

This is working for me with the cookie-parser module:

    router.get('/logout', function(req, res){
        var cookie = req.cookies;
        for (var prop in cookie) {
            if (!cookie.hasOwnProperty(prop)) {
                continue;
            }
            res.cookie(prop, '', {expires: new Date(0)});
        }
        res.redirect('/');
    });

What worked for me was adding path and domain in res.clearCookie

    res.clearCookie(<cookie-name>, {path: '/', domain: <domain-on-which-cookie-is-set>});

Also, make sure to include credentials on the frontend, otherwise no cookie will be sent with the request. If no cookie goes to the server, it has nothing to clear!

    fetch('url.com', {credentials: "include"});
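
Added example, not part of the original question or answers: a minimal model of how a browser cookie store identifies cookies (name, domain and path, per RFC 6265), showing why the question's `res.clearCookie('express.sid', { path: '/' })` leaves the `.example.com` session cookie in place and why passing the same `domain` removes it. The helper names, the jar key format and the session value are constructed for illustration.

```javascript
// A cookie is identified by name + domain + path, so an expiring
// Set-Cookie only removes the cookie whose three values all match.

// Build the Set-Cookie value a server would send (constructed helper).
function setCookieHeader(name, value, opts = {}) {
  const parts = [`${name}=${encodeURIComponent(value)}`];
  if (opts.domain) parts.push(`Domain=${opts.domain}`);
  parts.push(`Path=${opts.path || '/'}`);
  if (opts.expires) parts.push(`Expires=${opts.expires.toUTCString()}`);
  return parts.join('; ');
}

// Apply a Set-Cookie header received from `requestHost` to the jar (a Map).
function applySetCookie(jar, requestHost, header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const name = pair.slice(0, pair.indexOf('='));
  const attr = {};
  for (const a of attrs) {
    const i = a.indexOf('=');
    attr[(i < 0 ? a : a.slice(0, i)).toLowerCase()] = i < 0 ? '' : a.slice(i + 1);
  }
  // No Domain attribute means a host-only cookie for the responding host.
  const domain = (attr.domain || requestHost).replace(/^\./, '').toLowerCase();
  const key = [name, domain, attr.path || '/'].join('|');
  const expired = attr.expires !== undefined && new Date(attr.expires) <= new Date();
  if (expired) jar.delete(key);
  else jar.set(key, pair.slice(pair.indexOf('=') + 1));
  return key;
}

// Log in, then log out with the given clear options; return what is left.
function logoutDemo(clearOpts) {
  const jar = new Map();
  // Login on a.example.com sets the session cookie for the parent domain.
  applySetCookie(jar, 'a.example.com',
    setCookieHeader('express.sid', 's:constructed-session-id', { domain: '.example.com' }));
  // The logout response sends an already-expired cookie, as clearCookie does.
  applySetCookie(jar, 'a.example.com',
    setCookieHeader('express.sid', '', { ...clearOpts, expires: new Date(1) }));
  return [...jar.keys()];
}

console.log('path only:    ', logoutDemo({ path: '/' }));
console.log('path + domain:', logoutDemo({ path: '/', domain: '.example.com' }));
```

A session cookie that survives logout in the browser is still sent on later requests, so the server-side `req.session.destroy` is what actually invalidates the session; clearing the cookie with matching attributes is the client-side cleanup.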