fix: compare Date timestamps instead of object references in cookie expires setter

Author: NongTham

src/cookies.ts

@@ -158,10 +158,10 @@ export class Cookie<T> implements ElysiaCookie {
 	set value(value: T) {
 		// Check if value actually changed before creating entry in jar
 		const current = this.cookie.value
-		
+
 		// Simple equality check
 		if (current === value) return
-		
+
 		// For objects, do a deep equality check
 		if (
 			typeof current === 'object' &&
@@ -175,7 +175,7 @@ export class Cookie<T> implements ElysiaCookie {
 				// If stringify fails, proceed with setting the value
 			}
 		}
-		
+
 		// Only create entry in jar if value actually changed
 		if (!(this.name in this.jar)) this.jar[this.name] = { ...this.initial }
 		this.jar[this.name].value = value
@@ -186,7 +186,11 @@ export class Cookie<T> implements ElysiaCookie {
 	}
 
 	set expires(expires: Date | undefined) {
-		if (this.cookie.expires === expires) return
+		// Handle undefined values and compare timestamps instead of Date objects
+		const currentExpires = this.cookie.expires
+		if (currentExpires === undefined && expires === undefined) return
+		if (currentExpires?.getTime() === expires?.getTime()) return
+
 		if (!(this.name in this.jar)) this.jar[this.name] = { ...this.initial }
 		this.jar[this.name].expires = expires
 	}
@@ -245,7 +249,9 @@ export class Cookie<T> implements ElysiaCookie {
 		return this.cookie.sameSite
 	}
 
-	set sameSite(sameSite: true | false | 'lax' | 'strict' | 'none' | undefined) {
+	set sameSite(
+		sameSite: true | false | 'lax' | 'strict' | 'none' | undefined
+	) {
 		if (this.cookie.sameSite === sameSite) return
 		if (!(this.name in this.jar)) this.jar[this.name] = { ...this.initial }
 		this.jar[this.name].sameSite = sameSite

test/validator/cookie.test.ts

@@ -462,3 +462,41 @@ describe('Cookie Validation', () => {
 		expect(await response.text()).toBe('empty')
 	})
 })
+
+	it('expires setter compares timestamps not Date objects', async () => {
+		const app = new Elysia().get('/', ({ cookie: { session }, set }) => {
+			// Test 1: Setting expires with same timestamp should not update
+			const date1 = new Date('2025-12-31T23:59:59.000Z')
+			const date2 = new Date('2025-12-31T23:59:59.000Z')
+			
+			session.value = 'test'
+			session.expires = date1
+			
+			// Get reference to jar before setting with same timestamp
+			const jarBefore = set.cookie
+			session.expires = date2 // Same timestamp, should not update
+			const jarAfter = set.cookie
+			
+			// Verify jar wasn't recreated (same reference)
+			expect(jarBefore).toBe(jarAfter)
+			expect(session.expires?.getTime()).toBe(date1.getTime())
+			
+			// Test 2: Setting expires with different timestamp should update
+			const date3 = new Date('2026-01-01T00:00:00.000Z')
+			session.expires = date3
+			expect(session.expires?.getTime()).toBe(date3.getTime())
+			
+			// Test 3: Both undefined should not update
+			session.expires = undefined
+			const jarBeforeUndefined = set.cookie
+			session.expires = undefined
+			const jarAfterUndefined = set.cookie
+			expect(jarBeforeUndefined).toBe(jarAfterUndefined)
+			
+			return 'ok'
+		})
+
+		const response = await app.handle(req('/'))
+		expect(response.status).toBe(200)
+		expect(await response.text()).toBe('ok')
+	})