Session expiry: tokens expire after 1 day (auth consistency)

This commit is contained in:
Leo
2026-05-21 22:53:25 -04:00
parent b91ed6bc7b
commit 08c77669b2
+2 -2
View File
@@ -395,7 +395,7 @@ async def auth_middleware(request: Request, call_next):
conn = get_db()
row = conn.execute(
"SELECT u.id, u.username, u.role FROM users u "
"JOIN sessions s ON u.id = s.user_id WHERE s.token = ?",
"JOIN sessions s ON u.id = s.user_id WHERE s.token = ? AND s.expires_at > datetime('now')",
(token,),
).fetchone()
conn.close()
@@ -810,7 +810,7 @@ def login(body: dict):
token = _generate_token()
conn.execute(
"INSERT INTO sessions (user_id, token) VALUES (?, ?)",
"INSERT INTO sessions (user_id, token, expires_at) VALUES (?, ?, datetime('now', '+1 day'))",
(row["id"], token),
)
conn.commit()