add SESSION_COOKIE_AGE

raft-tech · Apr 9, 2024 · bd8cefd · bd8cefd
1 parent f32ca4e
commit bd8cefd
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py
@@ -272,6 +272,7 @@ class Common(Configuration):
     SESSION_COOKIE_HTTPONLY = True
     SESSION_TIMEOUT = 30
     SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+    SESSION_COOKIE_AGE = 30 * 60  # 30 minutes
     # The CSRF token Cookie holds no security benefits when confined to HttpOnly.
     # Setting this to false to allow the frontend to include it in the header
     # of API POST calls to prevent false negative authorization errors.