#115 chore: set max age of auth cookie to 2 hours

joseantmazonsb · Mar 17, 2022 · 98e07a3 · 98e07a3
1 parent 7b19b69
commit 98e07a3
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/Linguard/Web/Services/AuthenticationService.cs b/Linguard/Web/Services/AuthenticationService.cs
@@ -22,7 +22,8 @@ public class AuthenticationService : IAuthenticationService {
     private readonly IJSRuntime _jsRuntime;
     private readonly IAuthenticationCookieFormat _cookieFormat = AuthenticationCookieFormat.Default;
     private const string JsNamespace = "authFunctions";
-
+    private static readonly TimeSpan AuthCookieExpireTimeSpan = TimeSpan.FromHours(2);
+
     public AuthenticationService(ILogger logger, UserManager<IdentityUser> userManager, SignInManager<IdentityUser> signInManager, 
         AuthenticationStateProvider authenticationStateProvider, 
         IHostEnvironmentAuthenticationStateProvider hostAuthentication, 
@@ -66,9 +67,9 @@ private ValueTask SetLoginCookie(ClaimsPrincipal principal) {
         var ticket = new AuthenticationTicket(principal, default, _cookieFormat.Scheme);
         var value = options.TicketDataFormat.Protect(ticket);
         return _jsRuntime.InvokeVoidAsync($"{JsNamespace}.setCookie", _cookieFormat.Name, 
-            value, options.ExpireTimeSpan.TotalSeconds);
+            value, AuthCookieExpireTimeSpan.TotalSeconds);
     }
-
+    
     public async void Logout() {
         var username = _signInManager.Context.User.Identity?.Name;
         _logger.LogInformation($"Logging out user '{username}'...");