feat(auth): extend refresh TTL and keep session on transient errors
Bumps refresh token lifetime to 720h with env overrides, and stops clearing the local session for non-401 refresh failures so users aren't logged out by transient network blips. Adds a 60s retry timer when a refresh fails for non-auth reasons. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -127,6 +127,8 @@ object_storage:
|
||||
|
||||
jwt:
|
||||
secret: "your-local-secret"
|
||||
access_ttl: 15m
|
||||
refresh_ttl: 720h
|
||||
|
||||
llm:
|
||||
provider: ark
|
||||
|
||||
@@ -137,7 +137,7 @@ cache:
|
||||
jwt:
|
||||
secret: "dev-secret-change-in-production"
|
||||
access_ttl: 15m
|
||||
refresh_ttl: 168h
|
||||
refresh_ttl: 720h
|
||||
|
||||
log:
|
||||
level: debug,info,warn,error
|
||||
|
||||
Reference in New Issue
Block a user