Update stateful session cookie expiry on set

src/auth0-session/session/stateful-session.ts

@@ -87,11 +87,11 @@ export class StatefulSession<
     if (!sessionId) {
       sessionId = await genId!(req);
       debug('generated new session id %o', sessionId);
-      const cookieValue = await generateCookieValue(sessionName, sessionId, keys[0]);
-      cookieSetter.set(sessionName, cookieValue, cookieOptions);
-      cookieSetter.commit(res);
     }
     debug('set session %o', sessionId);
+    const cookieValue = await generateCookieValue(sessionName, sessionId, keys[0]);
+    cookieSetter.set(sessionName, cookieValue, cookieOptions);
+    cookieSetter.commit(res);
     await this.store.set(sessionId, {
       header: { iat, uat, exp },
       data: session

tests/auth0-session/session/stateful-session.test.ts

@@ -73,6 +73,17 @@ describe('StatefulSession', () => {
   });
 
   it('should get an existing session', async () => {
+    await store.set('foo', await getPayload());
+    const baseURL = await setup(config);
+    const cookieJar = await toSignedCookieJar({ appSession: 'foo' }, baseURL);
+    const [cookie] = await cookieJar.getCookies(baseURL);
+    const expires = cookie.expires;
+    await get(baseURL, '/session', { cookieJar });
+    const [updatedCookie] = await cookieJar.getCookies(baseURL);
+    expect(updatedCookie.expires > expires);
+  });
+
+  it('should update the cookie expiry when setting an existing session', async () => {
     await store.set('foo', await getPayload());
     const baseURL = await setup(config);
     const cookieJar = await toSignedCookieJar({ appSession: 'foo' }, baseURL);