longer cookie

2026-01-15 17:57:34 -06:00
parent 136aeaa66b
commit e3e24e5c17
1 changed files with 5 additions and 5 deletions
--- a/server/auth.js
+++ b/server/auth.js
@@ -68,11 +68,11 @@ export default class AuthHandler {
            const token = jwt.sign(payload, secret, options);

            res.cookie("auth_token", token, {
-                httpOnly: true,               // cannot be accessed by JS
-                secure: process.env.ENV === "production", // only over HTTPS
-                sameSite: "lax",              // like SameSiteLaxMode
-                maxAge: 2 * 60 * 60 * 1000,   // 2 hours in milliseconds
-                path: "/",                     // available on entire site
+                httpOnly: true,                             // cannot be accessed by JS
+                secure: process.env.ENV === "production",   // only over HTTPS
+                sameSite: "lax",                            // like SameSiteLaxMode
+                maxAge: 60 * 24 * 60 * 60 * 1000,           // 60 days
+                path: "/",                                  // available on entire site
                domain: process.env.ENV === "production" ? "." + process.env.BASE_URL : undefined
            });