diff --git a/src/lib/server/db/token.ts b/src/lib/server/db/token.ts
index 61545e4..e26a8ef 100644
--- a/src/lib/server/db/token.ts
+++ b/src/lib/server/db/token.ts
@@ -1,12 +1,10 @@
 import { SqliteError } from "better-sqlite3";
 import { and, eq, gt, lte } from "drizzle-orm";
-import ms from "ms";
 import env from "$lib/server/loadenv";
 import db from "./drizzle";
 import { refreshToken, tokenUpgradeChallenge } from "./schema";
-const expiresIn = ms(env.jwt.refreshExp);
-const expiresAt = () => new Date(Date.now() + expiresIn);
+const expiresAt = () => new Date(Date.now() + env.jwt.refreshExp);
 export const registerRefreshToken = async (
 userId: number,
diff --git a/src/lib/server/loadenv.ts b/src/lib/server/loadenv.ts
index 40aa88e..a57eff8 100644
--- a/src/lib/server/loadenv.ts
+++ b/src/lib/server/loadenv.ts
@@ -1,3 +1,4 @@
+import ms from "ms";
 import { building } from "$app/environment";
 import { env } from "$env/dynamic/private";
@@ -9,12 +10,12 @@ export default {
 databaseUrl: env.DATABASE_URL || "local.db",
 jwt: {
 secret: env.JWT_SECRET,
- accessExp: env.JWT_ACCESS_TOKEN_EXPIRES || "5m",
- refreshExp: env.JWT_REFRESH_TOKEN_EXPIRES || "14d",
+ accessExp: ms(env.JWT_ACCESS_TOKEN_EXPIRES || "5m"),
+ refreshExp: ms(env.JWT_REFRESH_TOKEN_EXPIRES || "14d"),
 },
 challenge: {
- userClientExp: env.USER_CLIENT_CHALLENGE_EXPIRES || "5m",
- tokenUpgradeExp: env.TOKEN_UPGRADE_CHALLENGE_EXPIRES || "5m",
+ userClientExp: ms(env.USER_CLIENT_CHALLENGE_EXPIRES || "5m"),
+ tokenUpgradeExp: ms(env.TOKEN_UPGRADE_CHALLENGE_EXPIRES || "5m"),
 },
 libraryPath: env.LIBRARY_PATH || "library",
 };
diff --git a/src/lib/server/modules/auth.ts b/src/lib/server/modules/auth.ts
index 6ddab1e..37248ed 100644
--- a/src/lib/server/modules/auth.ts
+++ b/src/lib/server/modules/auth.ts
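Review bot: The four `ms(...)` calls in the `src/lib/server/loadenv.ts` config object accept whatever the environment supplies, and `ms()` does not return a usable number for a string it cannot parse, so a mistyped duration becomes a non-number that flows unchecked into every consumer. In this diff that means `Date.now() + env.jwt.refreshExp` in `db/token.ts` and the two `expiresAt` helpers in `services/auth.ts` and `services/client.ts` would build an invalid `Date` for refresh-token and challenge expiry, and the `/ 1000` results passed to `jwt.sign` and the cookie `maxAge` would be NaN; whether a stored row with such an expiry is ever treated as expired depends on schema code this diff does not show. Since parsing is now centralised, this is the place to fail at startup: wrap the parse in a helper that rejects non-finite or non-positive results, as sketched below. A one-line comment on the object stating that these fields now hold milliseconds would also help, since their names do not carry the unit.

```typescript
// Parse a duration setting into milliseconds and refuse to start on a value ms() cannot parse.
const duration = (name: string, raw: string | undefined, fallback: string): number => {
  const value = ms(raw || fallback);
  if (typeof value !== "number" || !Number.isFinite(value) || value <= 0) {
    throw new Error(`${name} is not a valid duration`);
  }
  return value;
};

export default {
  // … unchanged: databaseUrl …
  jwt: {
    secret: env.JWT_SECRET,
    accessExp: duration("JWT_ACCESS_TOKEN_EXPIRES", env.JWT_ACCESS_TOKEN_EXPIRES, "5m"),
    refreshExp: duration("JWT_REFRESH_TOKEN_EXPIRES", env.JWT_REFRESH_TOKEN_EXPIRES, "14d"),
  },
  // … unchanged: challenge (same helper for both fields), libraryPath …
```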
@@ -23,7 +23,7 @@ type Permission = "pendingClient" | "activeClient";
 export const issueToken = (payload: TokenPayload) => {
 return jwt.sign(payload, env.jwt.secret, {
- expiresIn: payload.type === "access" ? env.jwt.accessExp : env.jwt.refreshExp,
+ expiresIn: (payload.type === "access" ? env.jwt.accessExp : env.jwt.refreshExp) / 1000,
 });
 };
diff --git a/src/lib/server/services/auth.ts b/src/lib/server/services/auth.ts
index fbab586..53c2e51 100644
--- a/src/lib/server/services/auth.ts
+++ b/src/lib/server/services/auth.ts
@@ -1,6 +1,5 @@
 import { error } from "@sveltejs/kit";
 import argon2 from "argon2";
-import ms from "ms";
 import { v4 as uuidv4 } from "uuid";
 import { getClient, getClientByPubKeys, getUserClient } from "$lib/server/db/client";
 import { getUserByEmail } from "$lib/server/db/user";
@@ -86,8 +85,7 @@ export const refreshToken = async (refreshToken: string) => {
 };
 };
-const expiresIn = ms(env.challenge.tokenUpgradeExp);
-const expiresAt = () => new Date(Date.now() + expiresIn);
+const expiresAt = () => new Date(Date.now() + env.challenge.tokenUpgradeExp);
 const createChallenge = async (
 ip: string,
diff --git a/src/lib/server/services/client.ts b/src/lib/server/services/client.ts
index 071355e..1f99d3a 100644
--- a/src/lib/server/services/client.ts
+++ b/src/lib/server/services/client.ts
@@ -1,5 +1,4 @@
 import { error } from "@sveltejs/kit";
-import ms from "ms";
 import {
 createClient,
 getClient,
@@ -27,8 +26,7 @@ export const getUserClientList = async (userId: number) => {
 };
 };
-const expiresIn = ms(env.challenge.userClientExp);
-const expiresAt = () => new Date(Date.now() + expiresIn);
+const expiresAt = () => new Date(Date.now() + env.challenge.userClientExp);
 const createUserClientChallenge = async (
 userId: number,
diff --git a/src/routes/api/auth/login/+server.ts b/src/routes/api/auth/login/+server.ts
index fbe42c0..479f561 100644
--- a/src/routes/api/auth/login/+server.ts
+++ b/src/routes/api/auth/login/+server.ts
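Review bot: The `/ 1000` on the new `expiresIn` line in `issueToken` (`src/lib/server/modules/auth.ts`) produces a fractional number of seconds whenever the configured duration is not a whole multiple of 1000 ms, for example a value given in milliseconds or a bare number, which `ms()` should read as milliseconds. If `jwt` here is jsonwebtoken, a numeric `expiresIn` must be an integer number of seconds, so token issuance would throw at request time rather than at startup. The same unrounded division is used for the cookie `maxAge` in the login, refreshToken and upgradeToken/verify route hunks, and the login route loses the `Math.floor` it had before this commit. I would round at each site, `expiresIn: Math.floor((payload.type === "access" ? env.jwt.accessExp : env.jwt.refreshExp) / 1000),` and `maxAge: Math.floor(env.jwt.accessExp / 1000),`, so the token lifetime and the cookie lifetime are derived the same way.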
@@ -1,5 +1,4 @@
 import { error, text } from "@sveltejs/kit";
-import ms from "ms";
 import env from "$lib/server/loadenv";
 import { loginRequest } from "$lib/server/schemas";
 import { login } from "$lib/server/services/auth";
@@ -13,12 +12,12 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
 const { accessToken, refreshToken } = await login(email, password);
 cookies.set("accessToken", accessToken, {
 path: "/",
- maxAge: Math.floor(ms(env.jwt.accessExp) / 1000),
+ maxAge: env.jwt.accessExp / 1000,
 sameSite: "strict",
 });
 cookies.set("refreshToken", refreshToken, {
 path: "/api/auth",
- maxAge: Math.floor(ms(env.jwt.refreshExp) / 1000),
+ maxAge: env.jwt.refreshExp / 1000,
 sameSite: "strict",
 });
diff --git a/src/routes/api/auth/refreshToken/+server.ts b/src/routes/api/auth/refreshToken/+server.ts
index 5a01c85..374fd8c 100644
--- a/src/routes/api/auth/refreshToken/+server.ts
+++ b/src/routes/api/auth/refreshToken/+server.ts
@@ -1,5 +1,4 @@
 import { error, text } from "@sveltejs/kit";
-import ms from "ms";
 import env from "$lib/server/loadenv";
 import { refreshToken as doRefreshToken } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";
@@ -11,12 +10,12 @@ export const POST: RequestHandler = async ({ cookies }) => {
 const { accessToken, refreshToken } = await doRefreshToken(token);
 cookies.set("accessToken", accessToken, {
 path: "/",
- maxAge: ms(env.jwt.accessExp) / 1000,
+ maxAge: env.jwt.accessExp / 1000,
 sameSite: "strict",
 });
 cookies.set("refreshToken", refreshToken, {
 path: "/api/auth",
- maxAge: ms(env.jwt.refreshExp) / 1000,
+ maxAge: env.jwt.refreshExp / 1000,
 sameSite: "strict",
 });
diff --git a/src/routes/api/auth/upgradeToken/verify/+server.ts b/src/routes/api/auth/upgradeToken/verify/+server.ts
index c4ab37a..eb78286 100644
--- a/src/routes/api/auth/upgradeToken/verify/+server.ts
+++ b/src/routes/api/auth/upgradeToken/verify/+server.ts
@@ -1,5 +1,4 @@
 import { error, text } from "@sveltejs/kit";
-import ms from "ms";
 import env from "$lib/server/loadenv";
 import { tokenUpgradeVerifyRequest } from "$lib/server/schemas";
 import { upgradeToken } from "$lib/server/services/auth";
@@ -21,12 +20,12 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
 );
 cookies.set("accessToken", accessToken, {
 path: "/",
- maxAge: ms(env.jwt.accessExp) / 1000,
+ maxAge: env.jwt.accessExp / 1000,
 sameSite: "strict",
 });
 cookies.set("refreshToken", refreshToken, {
 path: "/api/auth",
- maxAge: ms(env.jwt.refreshExp) / 1000,
+ maxAge: env.jwt.refreshExp / 1000,
 sameSite: "strict",
 });