mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(#411): QA-010 — fix minor JSDoc and comment issues across auth files

Browse Source 
Fix response.ok JSDoc (2xx not 200), remove stale token refresh claim,
remove non-actionable comment, fix CSRF comment placement, add 403 mapping rationale.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-16 13:50:04 -06:00
parent e600cfd2d0
commit 27c4c8edf3
5 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/api/src/auth/auth.config.ts
View File

@@ -210,12 +210,12 @@ export function createAuth(prisma: PrismaClient) {
provider: "postgresql",
}),
emailAndPassword: {
enabled: true, // Enable for now, can be disabled later
enabled: true,
},
plugins: [...getOidcPlugins()],
session: {
expiresIn: 60 * 60 * 24 * 7, // 7 days absolute max
updateAge: 60 * 60 * 2, // 2 hours idle timeout (sliding window)
updateAge: 60 * 60 * 2, // 2 hours — minimum session age before BetterAuth refreshes the expiry on next request
},
advanced: {
defaultCookieAttributes: {