diff --git a/packages/node_modules/express-pouchdb/lib/routes/authentication.js b/packages/node_modules/express-pouchdb/lib/routes/authentication.js
index b0a1cc11..12f53714 100644
--- a/packages/node_modules/express-pouchdb/lib/routes/authentication.js
+++ b/packages/node_modules/express-pouchdb/lib/routes/authentication.js
@@ -8,6 +8,12 @@ var cookieParser = require('cookie-parser'),
 var SECTION = 'couch_httpd_auth';
+var maxAgeLimit = new Date('3000-01-01').getTime();
+
+class CookieError extends Error {
+name = 'CookieError';
+}
+
 module.exports = function (app) {
 var usersDBPromise, refreshUsersDBImpl;
@@ -91,9 +97,12 @@ module.exports = function (app) {
 app.use(function (req, res, next) {
 // TODO: TIMING ATTACK
-Promise.resolve().then(function () {
+return Promise.resolve().then(function () {
 return buildCookieSession(req, res);
-}).catch(function () {
+}).catch(function (e) {
+if (e instanceof CookieError) {
+throw e;
+}
 return buildBasicAuthSession(req);
 }).then(function (result) {
 req.couchSession = result;
@@ -115,15 +124,19 @@ module.exports = function (app) {
 if (session.info.authenticated) {
 var cookieOptions = {httpOnly: true};
 if (app.couchConfig.get(SECTION, 'allow_persistent_cookies') === true) {
-cookieOptions['maxAge'] = app.couchConfig.get(SECTION, 'timeout');
+cookieOptions['maxAge'] = Math.min(app.couchConfig.get(SECTION, 'timeout'), maxAgeLimit);
+}
+try {
+res.cookie('AuthSession', session.sessionID, cookieOptions);
+} catch (e) {
+throw Object.assign(new CookieError(), e, { message: `Cookie Set Error: ${e.message}` });
 }
-res.cookie('AuthSession', session.sessionID, cookieOptions);
 delete session.sessionID;
 session.info.authenticated = 'cookie';
 logSuccess('cookie', session);
 }
 return session;
-});
+})
 }
 function logSuccess(type, session) {
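Review bot: `maxAgeLimit` is an absolute epoch timestamp (milliseconds from 1970 to 3000-01-01), yet the third hunk uses it to cap `maxAge`, which Express treats as a duration it adds to `Date.now()`; the cap only works because the resulting date happens to stay representable, and neither the name nor the derivation says so. A duration-valued constant states the intent directly, e.g. `var maxAgeLimit = 1000 * 60 * 60 * 24 * 365 * 100; // 100 years in ms; keeps Date.now() + maxAge a representable Date`. The public class field `name = 'CookieError';` is also the only modern-syntax construct in a file otherwise written with `var` and `function`; if older Node runtimes are still supported, set it in a constructor instead: `constructor(...args) { super(...args); this.name = 'CookieError'; }`.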
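Review bot: A `CookieError` rethrown from the new `.catch` now propagates out of the returned promise chain, and on Express 4 a middleware's return value is ignored, so unless the chain continues with a `.catch(next)` after `req.couchSession = result;` (the remainder of this handler is outside the hunk) the rejection is unhandled and the request never gets a response. If no such handler exists, end the chain with `.catch(next);` so the error reaches the app's error middleware; on Express 5, which does forward rejected promises from handlers, the added `return` would then be what makes this work, and that dependency is worth a one-line comment on the `return Promise.resolve()` line.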
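Review bot: `Object.assign(new CookieError(), e, { message: ... })` copies only `e`'s own enumerable properties, and an `Error`'s `message` and `stack` are non-enumerable, so the original stack is discarded and the thrown object carries the stack of this `throw` line instead. Preserve the origin with `throw new CookieError(\`Cookie Set Error: ${e.message}\`, { cause: e });` (the `cause` option needs Node 16.9+; on older runtimes assign `err.cause = e` before throwing). The last changed line, `+})`, also dropped the `;` that the removed `});` had, which looks accidental. Separately, if the `timeout` setting follows CouchDB's convention of seconds, Express's `maxAge` is in milliseconds, so confirm the unit conversion happens somewhere else; the enclosing `.then` callback starts before this hunk.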