diff --git a/ChessCubing.App/Components/SiteMenu.razor b/ChessCubing.App/Components/SiteMenu.razor
index ec02073..8faea2b 100644
--- a/ChessCubing.App/Components/SiteMenu.razor
+++ b/ChessCubing.App/Components/SiteMenu.razor
@@ -119,6 +119,9 @@
L'authentification se fait maintenant directement dans l'application, sans redirection vers une page externe.
+
+ La connexion reste memorisee sur ce navigateur pendant 30 jours.
+
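Review bot: The added sentence promises a fixed 30 days, but the server-side change in this commit keeps `SlidingExpiration = true`, so the session is actually renewed on activity and can outlast 30 days. The wording should say it is 30 days of inactivity, and should mention signing out on a shared computer, so that users are not misled about how long the browser stays authenticated. The text is also missing its accents: `memorisee` should be `mémorisée`.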
diff --git a/ChessCubing.Server/Program.cs b/ChessCubing.Server/Program.cs
index 43e9469..7a26a19 100644
--- a/ChessCubing.Server/Program.cs
+++ b/ChessCubing.Server/Program.cs
@@ -42,10 +42,12 @@ builder.Services
{
options.Cookie.Name = "chesscubing.auth";
options.Cookie.HttpOnly = true;
+ options.Cookie.IsEssential = true;
options.Cookie.SameSite = SameSiteMode.Lax;
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
+ options.Cookie.MaxAge = TimeSpan.FromDays(30);
options.SlidingExpiration = true;
- options.ExpireTimeSpan = TimeSpan.FromDays(7);
+ options.ExpireTimeSpan = TimeSpan.FromDays(30);
options.Events = new CookieAuthenticationEvents
{
OnRedirectToLogin = context =>
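Review bot: The cookie lifetime goes from 7 to 30 days here, while `options.Cookie.SecurePolicy` stays `CookieSecurePolicy.SameAsRequest`. A sign-in or sliding renewal served over plain HTTP would therefore issue a month-long credential without the Secure flag. If production is HTTPS-only, prefer `options.Cookie.SecurePolicy = CookieSecurePolicy.Always;`. If TLS is terminated at a proxy, confirm that forwarded headers are configured so the request is seen as HTTPS. A short comment next to `IsEssential = true` saying that the auth cookie is exempt from consent checks would also help. The options lambda starts and ends outside this hunk, so other settings were not visible for review.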
@@ -526,6 +528,7 @@ static string? NormalizeOptionalValue(string? value, string fieldName, int maxLe
static async Task SignInAsync(HttpContext httpContext, KeycloakUserInfo userInfo)
{
+ var issuedAt = DateTimeOffset.UtcNow;
var claims = new List();
if (!string.IsNullOrWhiteSpace(userInfo.Subject))
@@ -567,7 +570,8 @@ static async Task SignInAsync(HttpContext httpContext, KeycloakUserInfo userInfo
{
IsPersistent = true,
AllowRefresh = true,
- ExpiresUtc = DateTimeOffset.UtcNow.AddDays(7),
+ IssuedUtc = issuedAt,
+ ExpiresUtc = issuedAt.AddDays(30),
});
httpContext.User = principal;
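Review bot: With `AllowRefresh = true` and sliding expiration, `ExpiresUtc = issuedAt.AddDays(30)` is only an inactivity limit, so the session has no absolute end. As far as I recall, the cookie handler also resets `IssuedUtc` on each renewal, so the `issuedAt` recorded here cannot serve as an original sign-in time later. Consider storing the first sign-in time in a claim or properties item and calling `context.RejectPrincipal()` from `OnValidatePrincipal` once a hard cap is exceeded. That handler is also the place to re-check the Keycloak session if revocation matters; whether one already exists is not visible in these hunks. The literal 30 now appears three times (`Cookie.MaxAge`, `ExpireTimeSpan` and here), so a single shared constant would keep them in step. The rest of SignInAsync lies outside this hunk.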