From 3bf094ebf77469188d16758577bebe007c4d83f1 Mon Sep 17 00:00:00 2001
From: sunjie21
Date: Mon, 6 Apr 2026 21:48:31 +0800
Subject: [PATCH] fix(auth): extend JWT and CloudFront cookie expiration from 72h to 30 days

Reduces login frequency for users by increasing token lifetime.

Co-Authored-By: Claude Opus 4.6 (1M context)
---
 server/internal/handler/auth.go | 4 ++--
 server/internal/middleware/cloudfront.go | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/server/internal/handler/auth.go b/server/internal/handler/auth.go
index 5339190c..61807b81 100644
--- a/server/internal/handler/auth.go
+++ b/server/internal/handler/auth.go
@@ -175,7 +175,7 @@ func (h *Handler) issueJWT(user db.User) (string, error) {
 "sub": uuidToString(user.ID),
 "email": user.Email,
 "name": user.Name,
- "exp": time.Now().Add(72 * time.Hour).Unix(),
+ "exp": time.Now().Add(30 * 24 * time.Hour).Unix(),
 "iat": time.Now().Unix(),
 })
 return token.SignedString(auth.JWTSecret())
@@ -302,7 +302,7 @@ func (h *Handler) VerifyCode(w http.ResponseWriter, r *http.Request) {

 // Set CloudFront signed cookies for CDN access.
 if h.CFSigner != nil {
- for _, cookie := range h.CFSigner.SignedCookies(time.Now().Add(72 * time.Hour)) {
+ for _, cookie := range h.CFSigner.SignedCookies(time.Now().Add(30 * 24 * time.Hour)) {
 http.SetCookie(w, cookie)
 }
 }
diff --git a/server/internal/middleware/cloudfront.go b/server/internal/middleware/cloudfront.go
index ab749998..b6a27d75 100644
--- a/server/internal/middleware/cloudfront.go
+++ b/server/internal/middleware/cloudfront.go
@@ -18,7 +18,7 @@ func RefreshCloudFrontCookies(signer *auth.CloudFrontSigner) func(http.Handler)
 }
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 if _, err := r.Cookie("CloudFront-Policy"); err != nil {
- for _, cookie := range signer.SignedCookies(time.Now().Add(72 * time.Hour)) {
+ for _, cookie := range signer.SignedCookies(time.Now().Add(30 * 24 * time.Hour)) {
 http.SetCookie(w, cookie)
 }
 }
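Review bot: The claim set visible in issueJWT holds only `sub`, `email`, `name`, `exp` and `iat`, with no `jti` or session identifier, so unless validation elsewhere consults server-side state, a leaked token now stays usable for 30 days instead of 72 hours. The only kill switch visible here is rotating `auth.JWTSecret()`, which would invalidate every session at once. If the goal is fewer logins, a short-lived access token paired with a revocable refresh token, or a `jti` claim checked against a denylist on logout or account disablement, keeps the convenience without the long exposure window. The literal `30 * 24 * time.Hour` is also repeated in the VerifyCode and RefreshCloudFrontCookies hunks; one shared constant such as `const SessionTTL = 30 * 24 * time.Hour` would stop the three lifetimes drifting apart. issueJWT begins and ends outside this hunk.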
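Review bot: The CloudFront cookies set in VerifyCode are bearer credentials checked at the CDN edge, so with a 30-day policy a logout or account disablement does not end CDN access until the policy expires, short of rotating the signing key pair. Consider keeping the CDN cookie lifetime short and letting the refresh middleware re-issue it for live sessions, rather than tying it to the JWT lifetime. At minimum, record the trade-off above the loop, e.g. `// CDN cookies cannot be revoked per user; they remain valid until the signed expiry.` VerifyCode starts and ends outside the hunk, and the cookie attributes are set inside SignedCookies, which is not shown here.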
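Review bot: In RefreshCloudFrontCookies the only visible condition for minting a fresh 30-day cookie set is that `CloudFront-Policy` is missing from the request; no authentication check appears in this hunk. If the middleware is mounted ahead of authentication or on public routes, an unauthenticated request would receive 30 days of signed CDN access, which was a smaller exposure at 72 hours. Confirm the mounting order and document it on the function, e.g. `// Must run after authentication: issues signed CDN cookies to any request that lacks them.` The function starts before the hunk, so a guard may exist in the lines not shown.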