diff --git a/source/server/routes/auth/login.test.ts b/source/server/routes/auth/login.test.ts
index 9f5b10b0..e9cb70be 100644
--- a/source/server/routes/auth/login.test.ts
+++ b/source/server/routes/auth/login.test.ts
@@ -21,13 +21,20 @@ describe("/auth/login", function(){
   });
 
   it("sets a cookie", async function(){
+    const maxAge = this.server.locals.sessionMaxAge;
     this.agent = request.agent(this.server);
-    await this.agent.post("/auth/login")
+    let res = await this.agent.post("/auth/login")
     .send({username: user.username, password: "12345678"})
     .set("Content-Type", "application/json")
     .set("Accept", "")
     .expect(200)
     .expect('set-cookie', /session=/);
+
+    let expiresText = /expires=([^;]+);/.exec(res.headers["set-cookie"]);
+    expect(expiresText, `expected regex to match ${res.headers["set-cookie"]}`).to.be.ok;
+    let expiresDate = new Date((expiresText as any)[1]);
+    expect(expiresDate.valueOf()).to.be.above(Date.now()-1);
+    expect(expiresDate.valueOf()).to.be.below(Date.now()+ maxAge + 1);
   });
 
   it("can get login status (not connected)", async function(){