@b9g/cookies

CookieStore API implementation for servers.

CookieStore

Global cookieStore available in ServiceWorker code.

get(name: string): Promise<CookieListItem | null>

Gets a cookie by name.

const cookie = await cookieStore.get("session");
if (cookie) {
  console.log(cookie.value);
}

get(options: CookieStoreGetOptions): Promise<CookieListItem | null>

Gets a cookie with options.

const cookie = await cookieStore.get({
  name: "session",
  url: "https://example.com",
});

getAll(): Promise<CookieListItem[]>

Gets all cookies.

const cookies = await cookieStore.getAll();

getAll(name: string): Promise<CookieListItem[]>

Gets all cookies with a specific name.

getAll(options: CookieStoreGetOptions): Promise<CookieListItem[]>

Gets cookies matching options.

set(name: string, value: string): Promise<void>

Sets a cookie with defaults.

await cookieStore.set("session", "abc123");

set(options: CookieInit): Promise<void>

Sets a cookie with options.

await cookieStore.set({
  name: "session",
  value: "abc123",
  expires: Date.now() + 86400000,
  sameSite: "lax",
});

delete(name: string): Promise<void>

Deletes a cookie.

await cookieStore.delete("session");

delete(options: CookieStoreDeleteOptions): Promise<void>

Deletes a cookie with options.

await cookieStore.delete({
  name: "session",
  domain: "example.com",
  path: "/",
});

CookieInit

CookieListItem

interface CookieListItem {
  name: string;
  value: string;
  domain?: string;
  path?: string;
  expires?: number;
  secure?: boolean;
  sameSite?: "strict" | "lax" | "none";
  partitioned?: boolean;
}

Request Isolation

Each request gets its own cookie store via AsyncContext. Changes are applied as Set-Cookie headers on the response.

Limitations

• No httpOnly support (use server-side sessions for sensitive tokens)
• No change events

See Also

• AsyncContext - Request isolation
• ServiceWorker - Request handling