set jwt expiry to 2 hours

voteagora · Sep 25, 2023 · d97011f · d97011f
1 parent f56f85b
commit d97011f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/packages/backend/src/worker/rpgfApi/auth.ts b/packages/backend/src/worker/rpgfApi/auth.ts
@@ -78,7 +78,7 @@ async function handleVerifyRequest(
       );
       if (success) {
         return createResponse({ success }, 200, {
-          "Set-Cookie": `access-token=${jwt}; Path=/; HttpOnly; Secure; SameSite=None; max-age=3600`, // TODO: define max-age
+          "Set-Cookie": `access-token=${jwt}; Path=/; HttpOnly; Secure; SameSite=None; max-age=7200`, // 2 hours
         });
       } else {
         return createResponse({ error: "Invalid nonce or signature" }, 401);
@@ -139,6 +139,6 @@ async function handleSessionRequest(
 async function handleSignOut() {
   // Remove cookies
   return createResponse({ success: true }, 200, {
-    "Set-Cookie": `access-token=; Path=/; HttpOnly; Secure; SameSite=Strict; max-age=0`,
+    "Set-Cookie": `access-token=; Path=/; HttpOnly; Secure; SameSite=None; max-age=0`,
   });
 }