Add sliding session renewal and periodic token rotation

Space-Banane
2026-05-20 21:57:14 +02:00
parent 972ccce62a
commit a185c91407
3 changed files with 96 additions and 61 deletions


@@ -35,6 +35,7 @@ The app expects a MariaDB instance configured through environment variables.
### Session and Cookie Env Vars
- `SESSION_TTL_SECONDS` (default: `86400`)
- `SESSION_ROTATE_SECONDS` (default: `3600`, rotate active session token when exceeded)
- `SESSION_COOKIE_SECURE` (default: `false`, set `true` in production HTTPS)
- `REQUIRE_CSRF` (default: `false`, checks same-origin/same-referer for write routes when enabled)
- `LOGIN_MAX_ATTEMPTS` (default: `5`)
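Review bot: The `SESSION_TTL_SECONDS` entry still lists only its default, so with the `SESSION_ROTATE_SECONDS` line next to it the README does not say whether the TTL is now an idle timeout that each request extends (the commit title mentions sliding renewal) or an absolute lifetime. Suggest stating that on the `SESSION_TTL_SECONDS` line and noting whether any absolute maximum session age applies, since a sliding TTL without one lets a continuously active session live indefinitely. The `SESSION_ROTATE_SECONDS` line should also document what happens when it is set to `0` or to a value at or above `SESSION_TTL_SECONDS`, and whether the previous token is invalidated immediately on rotation or stays valid for a short grace period.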