feat(backend): Make session duration configurable (#512)

* feat(backend): Make session duration configurable
Fixes #507

Signed-off-by: Marvin A. Ruder <signed@mruder.dev>

* Apply suggestions from code review

Co-authored-by: Elias Schneider <login@eliasschneider.com>

* Move new config option to “General” category

Signed-off-by: Marvin A. Ruder <signed@mruder.dev>

---------

Signed-off-by: Marvin A. Ruder <signed@mruder.dev>
Co-authored-by: Elias Schneider <login@eliasschneider.com>

backend/prisma/seed/config.seed.ts

@@ -25,6 +25,11 @@ const configVariables: ConfigVariables = {
       defaultValue: "true",
       secret: false,
     },
+    sessionDuration: {
+      type: "number",
+      defaultValue: "2160",
+      secret: false,
+    },
   },
   share: {
     allowRegistration: {

backend/src/auth/auth.service.ts

@@ -205,7 +205,12 @@ export class AuthService {
 
   async createRefreshToken(userId: string) {
     const { id, token } = await this.prisma.refreshToken.create({
-      data: { userId, expiresAt: moment().add(3, "months").toDate() },
+      data: {
+        userId,
+        expiresAt: moment()
+          .add(this.config.get("general.sessionDuration"), "hours")
+          .toDate(),
+      },
     });
 
     return { refreshTokenId: id, refreshToken: token };
@@ -229,14 +234,14 @@ export class AuthService {
     if (accessToken)
       response.cookie("access_token", accessToken, {
         sameSite: "lax",
-        maxAge: 1000 * 60 * 60 * 15, // 15 minutes
+        maxAge: 1000 * 60 * 15, // 15 minutes
       });
     if (refreshToken)
       response.cookie("refresh_token", refreshToken, {
         path: "/api/auth/token",
         httpOnly: true,
         sameSite: "strict",
-        maxAge: 1000 * 60 * 60 * 24 * 30 * 3, // 3 months
+        maxAge: 1000 * 60 * 60 * this.config.get("general.sessionDuration"),
       });
   }
 

frontend/src/i18n/translations/de-DE.ts

@@ -294,6 +294,8 @@ export default {
   "admin.config.general.app-url.description": "Auf welcher URL Pingvin Share verfügbar ist",
   "admin.config.general.show-home-page": "Startseite anzeigen",
   "admin.config.general.show-home-page.description": "Ob die Startseite angezeigt werden soll",
+  "admin.config.general.session-duration": "Session-Dauer",
+  "admin.config.general.session-duration.description": "Zeit in Stunden, nach der ein Benutzer sich erneut anmelden muss (Voreinstellung: 3 Monate).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Ändere dein Logo durch Hochladen eines Bildes. Das Bild muss im PNG-Format vorliegen und sollte mit Seitenverhältnis 1:1 sein.",
   "admin.config.general.logo.placeholder": "Bild auswählen",

frontend/src/i18n/translations/en-US.ts

@@ -399,6 +399,10 @@ export default {
   "admin.config.general.show-home-page": "Show home page",
   "admin.config.general.show-home-page.description":
     "Whether to show the home page",
+  "admin.config.general.session-duration": 
+    "Session Duration",
+  "admin.config.general.session-duration.description": 
+    "Time in hours after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description":
     "Change your logo by uploading a new image. The image must be a PNG and should have the format 1:1.",
@@ -432,6 +436,7 @@ export default {
   "admin.config.email.invite-message": "Invite message",
   "admin.config.email.invite-message.description":
     "Message which gets sent when an admin invites a user. {url} will be replaced with the invite URL and {password} with the password.",
+
   "admin.config.share.allow-registration": "Allow registration",
   "admin.config.share.allow-registration.description":
     "Whether registration is allowed",