From d626c274b4088dbe7efe9a3c8c31878e15867b59 Mon Sep 17 00:00:00 2001
From: Teppo Kurki <teppo.kurki@iki.fi>
Date: Sun, 4 Feb 2024 09:47:29 +0200
Subject: [PATCH] fix: rememberme expoires to NEVER

Let's assume that the user's intention when checking
Remember Me in the login form is that they don't want
their login to expire, ever.

This changes the default for the remember me expire to
be NEVER.
---
 src/tokensecurity.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tokensecurity.js b/src/tokensecurity.js
index efc732fc1..12e30c109 100644
--- a/src/tokensecurity.js
+++ b/src/tokensecurity.js
@@ -44,7 +44,7 @@ module.exports = function (app, config) {
   const strategy = {}
 
   let {
-    expiration = '3m',
+    expiration = 'NEVER',
     users = [],
     immutableConfig = false,
     allowDeviceAccessRequests = true,