Don't log users out so frequently

Fixes #8949. We agreed on logging inactive users out after three months and active users after one year, Slack thread: https://hypothes-is.slack.com/archives/C4K6M7P5E/p1726753077108739?thread_ts=1726473609.158389&cid=C4K6M7P5E
hypothesis · Sep 19, 2024 · bdbe3ae · bdbe3ae
1 parent 6bc20d2
commit bdbe3ae
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 8 deletions.
diff --git a/h/security/policy/top_level.py b/h/security/policy/top_level.py
@@ -1,3 +1,5 @@
+from datetime import timedelta
+
 import webob
 from pyramid.request import RequestLocalCache
 from pyramid.security import Allowed, Denied
@@ -10,7 +12,7 @@
 from h.security.policy._cookie import CookiePolicy
 from h.security.policy.helpers import AuthTicketCookieHelper, is_api_request
 
-HTML_AUTHCOOKIE_MAX_AGE = 30 * 24 * 3600 # 30 days.
+HTML_AUTHCOOKIE_MAX_AGE = int(timedelta(days=365).total_seconds())
 
 
 class TopLevelPolicy:
@@ -55,7 +57,7 @@ def get_subpolicy(request):
  # Make the API authcookie stay fresh for longer than the HTML one.
  # This is to make it less likely that a browser will have an unexpired HTML
  # authcookie but an expired API one, which can lead to confusing results.
- max_age=HTML_AUTHCOOKIE_MAX_AGE + 3600,
+ max_age=HTML_AUTHCOOKIE_MAX_AGE + int(timedelta(hours=1).total_seconds()),
  )
  api_authcookie = api_authcookie.bind(request)
 

diff --git a/h/services/auth_ticket.py b/h/services/auth_ticket.py
@@ -6,7 +6,7 @@
 
 
 class AuthTicketService:
- TICKET_TTL = timedelta(days=7)
+ TICKET_TTL = timedelta(days=90)
 
  # We only want to update the `expires` column when the tickets `expires` is
  # at least one minute smaller than the potential new value. This prevents

diff --git a/h/session.py b/h/session.py
@@ -1,3 +1,4 @@
+from datetime import timedelta
 from urllib.parse import urlparse
 
 from pyramid.csrf import SessionCSRFStoragePolicy
@@ -126,7 +127,7 @@ def includeme(config): # pragma: no cover
  #
  # To avoid this we make sure that the lifetime of CSRF tokens is always
  # longer than the lifetimes of auth cookies.
- timeout=HTML_AUTHCOOKIE_MAX_AGE + 3600,
+ timeout=HTML_AUTHCOOKIE_MAX_AGE + int(timedelta(hours=1).total_seconds()),
  )
  config.set_session_factory(factory)
  config.set_csrf_storage_policy(SessionCSRFStoragePolicy())
diff --git a/tests/unit/h/security/policy/top_level_test.py b/tests/unit/h/security/policy/top_level_test.py
@@ -90,7 +90,7 @@ def test_api_request(
  secret="test_h_api_auth_cookie_secret",
  salt="test_h_api_auth_cookie_salt",
  cookie_name="h_api_authcookie",
- max_age=2595600,
+ max_age=31539600,
  httponly=True,
  secure=True,
  samesite="strict",
@@ -99,7 +99,7 @@ def test_api_request(
  secret="test_h_auth_cookie_secret",
  salt="authsanity",
  cookie_name="auth",
- max_age=2592000,
+ max_age=31536000,
  httponly=True,
  secure=True,
  ),
@@ -147,7 +147,7 @@ def test_non_api_request(
  secret="test_h_api_auth_cookie_secret",
  salt="test_h_api_auth_cookie_salt",
  cookie_name="h_api_authcookie",
- max_age=2595600,
+ max_age=31539600,
  httponly=True,
  secure=True,
  samesite="strict",
@@ -156,7 +156,7 @@ def test_non_api_request(
  secret="test_h_auth_cookie_secret",
  salt="authsanity",
  cookie_name="auth",
- max_age=2592000,
+ max_age=31536000,
  httponly=True,
  secure=True,
  ),