feat: custom cookie age

2025-10-28 12:45:47 +00:00 · 2025-01-25 15:29:17 +02:00
parent 2c7144937a
commit cc480085c5
3 changed files with 5 additions and 0 deletions
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -140,6 +140,7 @@ func init() {
 	rootCmd.Flags().String("generic-user-url", "", "Generic OAuth user info URL.")
 	rootCmd.Flags().Bool("disable-continue", false, "Disable continue screen and redirect to app directly.")
 	rootCmd.Flags().String("whitelist", "", "Comma separated list of email addresses to whitelist (only for oauth).")
+	rootCmd.Flags().Int("cookie-expiry", 86400, "Cookie expiration time in seconds.")
 	viper.BindEnv("port", "PORT")
 	viper.BindEnv("address", "ADDRESS")
 	viper.BindEnv("secret", "SECRET")
@@ -159,5 +160,6 @@ func init() {
 	viper.BindEnv("generic-user-url", "GENERIC_USER_URL")
 	viper.BindEnv("disable-continue", "DISABLE_CONTINUE")
 	viper.BindEnv("whitelist", "WHITELIST")
+	viper.BindEnv("cookie-expiry", "COOKIE_EXPIRY")
 	viper.BindPFlags(rootCmd.Flags())
 }
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -77,6 +77,7 @@ func (api *API) Init() {
 		Path:     "/",
 		HttpOnly: true,
 		Secure:   isSecure,
+		MaxAge:   api.Config.CookieExpiry,
 	})

 	router.Use(sessions.Sessions("tinyauth", store))
--- a/internal/types/types.go
+++ b/internal/types/types.go
@@ -38,6 +38,7 @@ type Config struct {
 	GenericUserURL      string `mapstructure:"generic-user-info-url"`
 	DisableContinue     bool   `mapstructure:"disable-continue"`
 	Whitelist           string `mapstructure:"whitelist"`
+	CookieExpiry        int    `mapstructure:"cookie-expiry"`
 }

 type UserContext struct {
@@ -53,6 +54,7 @@ type APIConfig struct {
 	Secret          string
 	AppURL          string
 	CookieSecure    bool
+	CookieExpiry    int
 	DisableContinue bool
 }