From 1b57195a7a70b18e64e95c71ee599de980428166 Mon Sep 17 00:00:00 2001 From: swve Date: Fri, 26 Jan 2024 00:32:28 +0100 Subject: [PATCH] fix: access_tokens issues --- apps/api/src/routers/auth.py | 6 +++++- apps/api/src/security/auth.py | 4 +++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/apps/api/src/routers/auth.py b/apps/api/src/routers/auth.py index 307ad70b..be258bb9 100644 --- a/apps/api/src/routers/auth.py +++ b/apps/api/src/routers/auth.py @@ -1,3 +1,4 @@ +from datetime import timedelta from fastapi import Depends, APIRouter, HTTPException, Response, status, Request from fastapi.security import OAuth2PasswordRequestForm from sqlmodel import Session @@ -28,6 +29,7 @@ def refresh(response: Response, Authorize: AuthJWT = Depends()): value=new_access_token, httponly=False, domain=get_learnhouse_config().hosting_config.cookie_config.domain, + expires=int(timedelta(hours=8).total_seconds()), ) return {"access_token": new_access_token} @@ -53,14 +55,16 @@ async def login( access_token = Authorize.create_access_token(subject=form_data.username) refresh_token = Authorize.create_refresh_token(subject=form_data.username) Authorize.set_refresh_cookies(refresh_token) + # set cookies using fastapi response.set_cookie( key="access_token_cookie", value=access_token, httponly=False, domain=get_learnhouse_config().hosting_config.cookie_config.domain, + expires=int(timedelta(hours=8).total_seconds()), ) - + user = UserRead.from_orm(user) result = { diff --git a/apps/api/src/security/auth.py b/apps/api/src/security/auth.py index 4d6d290a..f90bf9d6 100644 --- a/apps/api/src/security/auth.py +++ b/apps/api/src/security/auth.py 
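Review bot: The `response.set_cookie` call for `access_token_cookie` in `refresh` (apps/api/src/routers/auth.py), and the identical call in the `login` hunk after it, gains an expiry but still passes no `secure` argument and keeps `httponly=False`. As written, the JWT is readable by any script on the page and, unless the framework default says otherwise, may be sent over plain HTTP. The refresh cookie set through `Authorize.set_refresh_cookies` follows the library settings (`authjwt_cookie_secure = True`), so the hand-set cookie is the weaker of the two; I would add `secure=True,` to both calls and switch to `httponly=True` unless the frontend has to read the token, which the diff does not show. The eight-hour lifetime is now spelled out three times across the two files; one shared constant would keep the cookie and token expiry from drifting apart. Both function bodies continue outside their hunks.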
@@ -21,7 +21,9 @@ class Settings(BaseModel):
 authjwt_secret_key: str = "secret" if isDevModeEnabled() else SECRET_KEY
 authjwt_token_location = {"cookies", "headers"}
 authjwt_cookie_csrf_protect = False
- authjwt_access_token_expires = False if isDevModeEnabled() else 28800
+ authjwt_access_token_expires = (
+ False if isDevModeEnabled() else timedelta(hours=8).total_seconds()
+ )
 authjwt_cookie_samesite = "lax"
 authjwt_cookie_secure = True
 authjwt_cookie_domain = get_learnhouse_config().hosting_config.cookie_config.domain
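Review bot: `timedelta(hours=8).total_seconds()` returns a float (`28800.0`) where the old value was the int `28800`, so `authjwt_access_token_expires` changes type here; whether the JWT library's settings validation accepts a float is not visible in the diff. Passing the timedelta itself avoids the question, assuming the library accepts one for this setting: `authjwt_access_token_expires = False if isDevModeEnabled() else timedelta(hours=8)`. The hunk shows no `timedelta` import for apps/api/src/security/auth.py, so confirm the name is already in scope in that file. In dev mode the token still never expires and is signed with the literal key `"secret"`, while the cookie set in routers/auth.py now lapses after eight hours; a comment on that branch such as `# dev mode only: fixed key and non-expiring tokens, never enable on a reachable deployment` would make the trade-off explicit. The `Settings` class continues outside the hunk.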