Shorten session length, change device ID calc

2024-11-25 12:20:49 +01:00 · 2024-11-25 12:20:49 +01:00 · 130554d86b
commit 130554d86b
parent 84731c9e9a
3 changed files with 13 additions and 5 deletions
--- a/apps/link/app/_lib/authentication.ts
+++ b/apps/link/app/_lib/authentication.ts
@ -109,6 +109,9 @@ export const authOptions: NextAuthOptions = {
    signOut: "/logout",
  },
  providers,
+  session: {
+    maxAge: 7 * 24 * 60 * 60,
+  },
  secret: process.env.NEXTAUTH_SECRET,
  callbacks: {
    signIn: async ({ user }) => {
--- a/apps/link/app/_lib/zammad.ts
+++ b/apps/link/app/_lib/zammad.ts
@ -1,13 +1,19 @@
 import { getServerSession } from "app/_lib/authentication";
-import { cookies } from "next/headers";
+import { cookies, headers } from "next/headers";
+import crypto from "crypto";

 const getHeaders = async () => {
+  const userAgent = (await headers()).get("user-agent");
  const allCookies = (await cookies()).getAll();
+  const hashedUserAgent = crypto
+    .createHash("sha256")
+    .update(userAgent)
+    .digest("hex");
  const session = await getServerSession();
-  const headers = {
+  const finalHeaders = {
    "Content-Type": "application/json",
    Accept: "application/json",
-    "X-Browser-Fingerprint": `${session.expires}`,
+    "X-Browser-Fingerprint": hashedUserAgent,
    // @ts-ignore
    "X-CSRF-Token": session.user.zammadCsrfToken,
    Cookie: allCookies
@ -15,7 +21,7 @@ const getHeaders = async () => {
      .join("; "),
  };

-  return headers;
+  return finalHeaders;
 };

 interface ExecuteGraphQLOptions {