Add access token expiration configuration and new auth session endpoint

2026-04-24 01:53:25 +07:00
parent aa33d7cf2f
commit f933898c56
2 changed files with 20 additions and 3 deletions
@@ -17,8 +17,11 @@ SESSION_COOKIE_KEYS = [
    "__Secure-next-auth.session-token",
    "authjs.session-token",
    "__Secure-authjs.session-token",
+    "reader_access_token",
 ]

+ACCESS_TOKEN_TTL_SECONDS = 7 * 24 * 60 * 60
+

 def _jwt_secret() -> str:
    return settings.mobile_jwt_secret or settings.nextauth_secret
@@ -29,7 +32,7 @@ def create_access_token(user_id: str) -> str:
    payload = {
        "sub": user_id,
        "iat": int(now.timestamp()),
-        "exp": int((now + dt.timedelta(days=7)).timestamp()),
+        "exp": int((now + dt.timedelta(seconds=ACCESS_TOKEN_TTL_SECONDS)).timestamp()),
    }
    secret = _jwt_secret()
    if not secret: