From: Carl Worth <cworth@cworth.org>
Date: Wed, 21 Dec 2022 20:47:27 +0000 (-0800)
Subject: Extend maxAge of cookies to be a full week
X-Git-Url: https://git.cworth.org/git?a=commitdiff_plain;h=e0a2bc11a60d831cda27ca04e20719f48588871f;hp=205b1db399554a889b4767241231cefe07e1c773;p=zombocom-ai

Extend maxAge of cookies to be a full week

The other cookie properties set in this commit are the defaults.

We want a long cookie age so that sessions are as persistent as possible.

The default maxAge is unset, but apparently instead of that meaning
"never expire" it is interpeted by agents as meaning the cookie is
non-peristent (and the agent may delete the cookie on browser close).
---

diff --git a/index.js b/index.js
index 7083b13..b149d09 100644
--- a/index.js
+++ b/index.js
@@ -75,7 +75,14 @@ const session_middleware =  session(
      secret: process.env.ZOMBOCOM_SESSION_SECRET,
      resave: false,
      saveUninitialized: true,
-     rolling: true
+     rolling: true,
+     // Let each cookie live for a full month
+     cookie: {
+         path: '/',
+         httpOnly: true,
+         secure: false,
+         maxAge: 1000 * 60 * 60 * 24 * 30
+     }
     });
 
 app.use(session_middleware);