Merge pull request #3249 from dato/cookie_age_setting

Set SESSION_COOKIE_AGE from environment
bookwyrm-social · Feb 3, 2024 · 45cc3dc · 45cc3dc
2 parents efa29b2 + 80ad36e
commit 45cc3dc
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/.env.example b/.env.example
@@ -137,6 +137,10 @@ TWO_FACTOR_LOGIN_MAX_SECONDS=60
 # and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
 # Value should be a comma-separated list of host names.
 CSP_ADDITIONAL_HOSTS=
+
 # The last number here means "megabytes"
 # Increase if users are having trouble uploading BookWyrm export files.
-DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100)
+DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100)
+
+# Time before being logged out (in seconds)
+# SESSION_COOKIE_AGE=2592000   # current default: 30 days
diff --git a/bookwyrm/settings.py b/bookwyrm/settings.py
@@ -30,6 +30,9 @@
 
 PAGE_LENGTH = env.int("PAGE_LENGTH", 15)
 DEFAULT_LANGUAGE = env("DEFAULT_LANGUAGE", "English")
+# TODO: extend maximum age to 1 year once termination of active sessions
+# is implemented (see bookwyrm-social#2278, bookwyrm-social#3082).
+SESSION_COOKIE_AGE = env.int("SESSION_COOKIE_AGE", 3600 * 24 * 30)  # 1 month
 
 JS_CACHE = "8a89cad7"