From a756e946c60977b73f674cd1bc746a45afa4a307 Mon Sep 17 00:00:00 2001 From: xpoes123 Date: Mon, 29 Jun 2026 23:41:45 -0400 Subject: [PATCH] security: expire session tokens after 7 days --- server/authentication.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/authentication.js b/server/authentication.js index 33d17e082..563fa9dbf 100644 --- a/server/authentication.js +++ b/server/authentication.js @@ -59,7 +59,7 @@ export function checkToken (username, token, checkEmailVerification = false) { * @returns A JWT token. */ export function generateToken (username, verifiedEmail = false) { - return sign({ username, verifiedEmail }, secret); + return sign({ username, verifiedEmail }, secret, { expiresIn: '7d' }); } /**