From 55d97f866097a71b5a2c9f5a84bf8402e3747800 Mon Sep 17 00:00:00 2001
From: Noel Simbolon <84700640+noelsimbolon@users.noreply.github.com>
Date: Fri, 17 Nov 2023 14:42:52 +0700
Subject: [PATCH] refactor: auth cookie and token

---
 src/controllers/auth-controller.ts | 4 ++--
 src/utils/token.ts                 | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/controllers/auth-controller.ts b/src/controllers/auth-controller.ts
index c0cb9d9..cb1044b 100644
--- a/src/controllers/auth-controller.ts
+++ b/src/controllers/auth-controller.ts
@@ -37,8 +37,8 @@ const setFingerprintCookie = (
   res: Response,
   fingerprint: string,
 ): void => {
-  res.cookie("Secure-fingerprint", fingerprint, {
-    maxAge: 60 * 15 * 1000, // 15 minutes max age (same as access token expiry)
+  res.cookie("__Secure-fingerprint", fingerprint, {
+    maxAge: 60 * 60, // 60 minutes max age (same as access token expiry)
     httpOnly: true,
     secure: true,
   });
diff --git a/src/utils/token.ts b/src/utils/token.ts
index 3aee8b7..a6162c1 100644
--- a/src/utils/token.ts
+++ b/src/utils/token.ts
@@ -31,7 +31,7 @@ const generateAccessTokenAndFingerprint = async (data: {
         process.env.JWT_SHARED_SECRET as string,
         {
           algorithm: "HS256", // Only use HS256 to generate JWTs
-          expiresIn: "24h", // The token expires after 1 hour
+          expiresIn: "60m", // The token expires 60 minutes
           notBefore: "0ms", // The token is valid right away
           issuer: "Tonality REST Service",
         },
-- 
GitLab