fix(time-tracking): keep workers signed in for 7 days
Deploy to route.crispygoat.com / deploy (push) Successful in 3m42s

Field workers were forced to re-enter their PIN every 12 hours. That's
noticeable friction on devices that stay signed in for a week or more.
Bumped COOKIE_MAX_AGE to 7 days (604800s) so a worker who clocks out
on Friday doesn't see the PIN screen Monday morning.

The cookie is httpOnly + secure (in prod) + sameSite=lax, so the
extended lifetime doesn't materially change the threat surface. The
expires_at inside the cookie value is recomputed from the same
constant, so the in-cookie expiry and the browser-side Max-Age agree.

Field workers still log out explicitly via the Hub 'Sign out' tile
(or the server-side /api time-tracking/notify handler) when they
want to end the session sooner. Forced re-auth only happens when the
cookie actually expires or the worker logs out.
This commit is contained in:
Nora
2026-07-06 10:14:00 -06:00
parent 6f1aa37a26
commit 5188960bd2
+6 -1
View File
@@ -46,7 +46,12 @@ export type TimeTrackingSession = {
// ── Cookie helpers ─────────────────────────────────────────────────────────
const SESSION_COOKIE = "time_tracking_session";
const COOKIE_MAX_AGE = 12 * 60 * 60; // 12 hours
// 7 days. The cookie is httpOnly + secure (in prod) + sameSite=lax so
// XSS / cross-site theft are already mitigated; the remaining risk is a
// shared/unlocked device on the field. Workers notice forced re-auth
// more than they notice a longer session, so we keep them signed in for
// a full week. Re-PIN only when the cookie expires or is logged out.
const COOKIE_MAX_AGE = 7 * 24 * 60 * 60;
function sessionCookieValue(session: TimeTrackingSession): string {
return [