From 7e340dacafb3b0758cc4641e4ab2630b04177bab Mon Sep 17 00:00:00 2001
From: Nathan Reiner <nathan@nathanreiner.xyz>
Date: Wed, 26 Nov 2025 13:42:03 +0100
Subject: auth: set max-age property on set-cookie to make session last

---
 src/routes/handler-info.zig | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/routes')

diff --git a/src/routes/handler-info.zig b/src/routes/handler-info.zig
index 95720b9..ca4babd 100644
--- a/src/routes/handler-info.zig
+++ b/src/routes/handler-info.zig
@@ -130,7 +130,10 @@ pub fn handle(
     if (context.response.headers.fingerprint) |auth_token| {
         var value = std.Io.Writer.Allocating.init(arena.allocator());
 
-        try value.writer.print("fingerprint={s}; Secure; Path=/", .{auth_token});
+        try value.writer.print("fingerprint={s}; Secure; Path=/; Max-Age={}", .{
+            auth_token,
+            storage.config.session_expires_after / std.time.ns_per_s,
+        });
 
         try headers.append(allocator, .{
             .name = "Set-Cookie",
-- 
cgit v1.2.3-70-g09d2