fix #1342: extend session timer to 48 hours

2020-01-23 12:02:02 -06:00 · 2020-01-23 12:02:02 -06:00 · 80f70ae4ab
--- a/.env-dist
+++ b/.env-dist
@ -3,6 +3,7 @@ NODE_ENV=dev
 SERVER_URL=http://localhost:6060
 PORT=6060
 COOKIE_SECRET=3895d33b5f9730f5eb2a2067fe0a690e298f55f5e382c032fd3656863412
+SESSION_DURATION_HOURS=48

 # see https://www.npmjs.com/package/mozlog
 # default values are for dev/debug
--- a/app-constants.js
+++ b/app-constants.js
@ -10,6 +10,7 @@ const kEnvironmentVariables = [
  "SERVER_URL",
  "PORT",
  "COOKIE_SECRET",
+  "SESSION_DURATION_HOURS",
  "SMTP_URL",
  "EMAIL_FROM",
  "SES_CONFIG_SET",
--- a/server.js
+++ b/server.js
@ -155,11 +155,12 @@ app.locals.FXA_ENABLED = AppConstants.FXA_ENABLED;
 app.locals.SERVER_URL = AppConstants.SERVER_URL;
 app.locals.UTM_SOURCE = new URL(AppConstants.SERVER_URL).hostname;

+const SESSION_DURATION_HOURS = AppConstants.SESSION_DURATION_HOURS || 48;
 app.use(sessions({
  cookieName: "session",
  secret: AppConstants.COOKIE_SECRET,
-  duration: 60 * 60 * 1000, // 60 minutes
-  activeDuration: 15 * 60 * 1000, // 15 minutes
+  duration: SESSION_DURATION_HOURS * 60 * 60 * 1000, // 48 hours
+  activeDuration: SESSION_DURATION_HOURS * 60 * 60 * 1000, // 48 hours
  cookie: cookie,
 }));