cookie max age

1 files changed, 7 insertions, 3 deletions

diff --git a/backend/main.py b/backend/main.py
index e7cbd84..aaab7a1 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -224,20 +224,24 @@ def final_timer_finished(timer_id):
         machine_status[row[RowIndices.BLOCK] - 1][row[RowIndices.MACHINE] - 1] = Status.FINISHED.name
 
 
+#                sec  min  hrs  days
+COOKIE_MAX_AGE = 60 * 60 * 24 * 30  # 30 days
+
+
 def create_session(response: fastapi.Response):
     cookie = secrets.token_hex(32)
-    response.set_cookie(key="session_key", value=cookie, secure=True)
+    response.set_cookie(key="session_key", value=cookie, secure=True, max_age=COOKIE_MAX_AGE)
     return cookie
 
 
 def authenticate_block(response: fastapi.Response, machine_id: str = None, block: int = None):
     if machine_id:
         blk = URI_TO_MACHINES[qr_uri[machine_id]][0]
-        response.set_cookie(key="auth_block", value=blk, secure=True)
+        response.set_cookie(key="auth_block", value=blk, secure=True, max_age=COOKIE_MAX_AGE)
         return blk
     elif block:
         blk = block
-        response.set_cookie(key="auth_block", value=blk, secure=True)
+        response.set_cookie(key="auth_block", value=blk, secure=True, max_age=COOKIE_MAX_AGE)
         return block
     else:
         return "FAIL"