fix(time-tracking): keep workers signed in for 7 days
Deploy to route.crispygoat.com / deploy (push) Successful in 3m42s
Deploy to route.crispygoat.com / deploy (push) Successful in 3m42s
Field workers were forced to re-enter their PIN every 12 hours. That's noticeable friction on devices that stay signed in for a week or more. Bumped COOKIE_MAX_AGE to 7 days (604800s) so a worker who clocks out on Friday doesn't see the PIN screen Monday morning. The cookie is httpOnly + secure (in prod) + sameSite=lax, so the extended lifetime doesn't materially change the threat surface. The expires_at inside the cookie value is recomputed from the same constant, so the in-cookie expiry and the browser-side Max-Age agree. Field workers still log out explicitly via the Hub 'Sign out' tile (or the server-side /api time-tracking/notify handler) when they want to end the session sooner. Forced re-auth only happens when the cookie actually expires or the worker logs out.
This commit is contained in:
@@ -46,7 +46,12 @@ export type TimeTrackingSession = {
|
||||
// ── Cookie helpers ─────────────────────────────────────────────────────────
|
||||
|
||||
const SESSION_COOKIE = "time_tracking_session";
|
||||
const COOKIE_MAX_AGE = 12 * 60 * 60; // 12 hours
|
||||
// 7 days. The cookie is httpOnly + secure (in prod) + sameSite=lax so
|
||||
// XSS / cross-site theft are already mitigated; the remaining risk is a
|
||||
// shared/unlocked device on the field. Workers notice forced re-auth
|
||||
// more than they notice a longer session, so we keep them signed in for
|
||||
// a full week. Re-PIN only when the cookie expires or is logged out.
|
||||
const COOKIE_MAX_AGE = 7 * 24 * 60 * 60;
|
||||
|
||||
function sessionCookieValue(session: TimeTrackingSession): string {
|
||||
return [
|
||||
|
||||
Reference in New Issue
Block a user