From 20a5f5859bd4fd9b432790854f14dca12c177d8f Mon Sep 17 00:00:00 2001
From: Simon Goller <neosam+github@posteo.de>
Date: Wed, 12 Jun 2024 07:59:51 +0200
Subject: [PATCH] Let expire the user cookie more quickly

This will hopefully fix the OIDC issue by causing the backend
to refresh the token more frequently.
---
 rest/src/lib.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/rest/src/lib.rs b/rest/src/lib.rs
index 36f7dea..cd01b09 100644
--- a/rest/src/lib.rs
+++ b/rest/src/lib.rs
@@ -28,6 +28,8 @@ use service::PermissionService;
 use service::ServiceError;
 use thiserror::Error;
 #[cfg(feature = "oidc")]
+use time::Duration;
+#[cfg(feature = "oidc")]
 use tower::ServiceBuilder;
 #[cfg(feature = "oidc")]
 use tower_sessions::MemoryStore;
@@ -308,7 +310,7 @@ pub async fn start_server<RestState: RestStateDef>(rest_state: RestState) {
         let session_layer = SessionManagerLayer::new(session_store)
             .with_secure(true)
             .with_same_site(SameSite::Strict)
-            .with_expiry(Expiry::OnSessionEnd);
+            .with_expiry(Expiry::OnInactivity(Duration::minutes(2)));
 
         let oidc_auth_service = ServiceBuilder::new()
             .layer(HandleErrorLayer::new(|e: MiddlewareError| async {