Fix session token expiry

2026-03-01 14:05:26 +00:00 · 2026-03-01 14:05:26 +00:00 · a8ae173914
commit a8ae173914
parent b7279f57d1
1 changed files with 2 additions and 2 deletions
--- a/server/api/helcim/customer.post.js
+++ b/server/api/helcim/customer.post.js
@ -106,7 +106,7 @@ export default defineEventHandler(async (event) => {
        helcimCustomerId: customerData.id 
      },
      config.jwtSecret,
-      { expiresIn: '24h' }
+      { expiresIn: '7d' }
    )

    // Set the session cookie server-side
@ -114,7 +114,7 @@ export default defineEventHandler(async (event) => {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'lax',
-      maxAge: 60 * 60 * 24, // 24 hours
+      maxAge: 60 * 60 * 24 * 7, // 7 days (matches verify.get.js and refresh.post.js)
      path: '/',
      domain: undefined // Let browser set domain automatically
    })