Brendan Chen
86870db726
Adds src/constants.ts exporting the family-wide session policy (SESSION_TTL_DAYS=30, SESSION_TTL_SECONDS=2_592_000, SESSION_RENEW_THRESHOLD_SECONDS=3600, LOGOUT_PATHS) so every bchen.dev app shares the same persistence window. Introduces issueSessionCookie as the single mint site for fastify-jwt sign + setCookie, replacing inlined jwt.sign + setCookie calls in pages.ts and api/v1/auth.ts. The cookie now carries Max-Age=SESSION_TTL_SECONDS so it persists across browser restarts. Converts requireAuth into a makeRequireAuth(config) factory; route plugins build their own preHandler at registration time. Threads through pages.ts, api/v1/auth.ts, and api/v1/files.ts. SESSION_COOKIE_NAME stays 'token' in this commit so existing tests remain green; the rename to 'nanodrop_session' lands in a follow-up. JWT_EXPIRY env var is still read; its removal also lands in a follow-up so each commit builds cleanly.
6 lines
83 B
TypeScript
6 lines
83 B
TypeScript
export interface JwtPayload {
|
|
sub: number;
|
|
username: string;
|
|
iat?: number;
|
|
}
|