aaron/aaronAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Extend session lifetime to 365 days

Browse Source 
Single-user personal app threat model is theft-of-device, not
stolen-cookie. 30-day idle re-prompts created friction without
proportional security benefit. Server TTL and client max-age
remain in sync via shared constant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Aaron Nelson
2026-05-05 23:29:38 +00:00
parent 6c2af55e7e
commit 63c58b5bb3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/api.py
+1 -1
View File
@@ -132,7 +132,7 @@ When making factual claims about Aaron — his history, credentials, locations,
# Auth configuration
import os
SESSION_PASSWORD = os.getenv("AARON_AI_PASSWORD", "changeme")
SESSION_MAX_AGE_SECONDS = 60 * 60 * 24 * 30
SESSION_MAX_AGE_SECONDS = 60 * 60 * 24 * 365
SESSIONS_DB = str(Path.home() / "aaronai" / "sessions.db")
def _init_sessions():