feat: Make session maxAge configurable with environment variable (#5830)

Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: Matti Nannt <mail@matti.sh> Co-authored-by: Matthias Nannt <mail@matthiasnannt.com> Co-authored-by: Piyush Gupta <piyushguptaa2z123@gmail.com>
2026-05-01 03:33:40 -05:00 · 2025-05-21 05:49:18 +00:00
parent 342d2b1fc4
commit 0e7f3adf53
35 changed files with 48 additions and 3 deletions
@@ -24,6 +24,7 @@ vi.mock("@/lib/constants", () => ({
  FB_LOGO_URL: "https://formbricks.com/logo.png",
  SMTP_HOST: "smtp.example.com",
  SMTP_PORT: "587",
+  SESSION_MAX_AGE: 1000,
 }));

 vi.mock("next-auth", () => ({
@@ -1,4 +1,9 @@
-import { EMAIL_VERIFICATION_DISABLED, ENCRYPTION_KEY, ENTERPRISE_LICENSE_KEY } from "@/lib/constants";
+import {
+  EMAIL_VERIFICATION_DISABLED,
+  ENCRYPTION_KEY,
+  ENTERPRISE_LICENSE_KEY,
+  SESSION_MAX_AGE,
+} from "@/lib/constants";
 import { symmetricDecrypt, symmetricEncrypt } from "@/lib/crypto";
 import { verifyToken } from "@/lib/jwt";
 import { getUserByEmail, updateUser, updateUserLastLoginAt } from "@/modules/auth/lib/user";
@@ -178,7 +183,7 @@ export const authOptions: NextAuthOptions = {
    ...(ENTERPRISE_LICENSE_KEY ? getSSOProviders() : []),
  ],
  session: {
-    maxAge: 3600,
+    maxAge: SESSION_MAX_AGE,
  },
  callbacks: {
    async jwt({ token }) {
@@ -30,6 +30,7 @@ vi.mock("@/lib/constants", () => ({
  OIDC_CLIENT_SECRET: "test-oidc-client-secret",
  OIDC_SIGNING_ALGORITHM: "test-oidc-signing-algorithm",
  WEBAPP_URL: "test-webapp-url",
+  SESSION_MAX_AGE: 1000,
 }));

 // Mock @/lib/env
@@ -122,6 +122,7 @@ vi.mock("@/lib/constants", () => ({
  SAML_DATABASE_URL: "test-saml-db-url",
  NEXTAUTH_SECRET: "test-nextauth-secret",
  WEBAPP_URL: "http://localhost:3000",
+  SESSION_MAX_AGE: 1000,
 }));

 describe("Organization Settings Teams Actions", () => {
@@ -54,6 +54,7 @@ vi.mock("@/lib/constants", () => ({
  TURNSTILE_SITE_KEY: "test-turnstile-site-key",
  SAML_OAUTH_ENABLED: true,
  SMTP_PASSWORD: "smtp-password",
+  SESSION_MAX_AGE: 1000,
 }));

 // Mock the InviteMembers component
@@ -56,6 +56,7 @@ vi.mock("@/lib/constants", () => ({
  TURNSTILE_SITE_KEY: "test-turnstile-site-key",
  SAML_OAUTH_ENABLED: true,
  SMTP_PASSWORD: "smtp-password",
+  SESSION_MAX_AGE: 1000,
 }));

 // Mock the CreateOrganization component
@@ -49,6 +49,7 @@ vi.mock("@/lib/constants", () => ({
  SMTP_HOST: "mock-smtp-host",
  SMTP_PORT: "mock-smtp-port",
  IS_POSTHOG_CONFIGURED: true,
+  SESSION_MAX_AGE: 1000,
 }));

 vi.mock("@tolgee/react", () => ({
@@ -37,6 +37,7 @@ vi.mock("@/lib/constants", () => ({
  SMTP_PORT: 587,
  SMTP_USERNAME: "user@example.com",
  SMTP_PASSWORD: "password",
+  SESSION_MAX_AGE: 1000,
 }));

 vi.mock("@/modules/survey/link/actions");
@@ -25,6 +25,7 @@ vi.mock("@/lib/constants", () => ({
  FB_LOGO_URL: "https://example.com/mock-logo.png",
  SMTP_HOST: "mock-smtp-host",
  SMTP_PORT: "mock-smtp-port",
+  SESSION_MAX_AGE: 1000,
 }));

 describe("SurveyCard", () => {
@@ -36,6 +36,7 @@ vi.mock("@/lib/constants", () => ({
  WEBAPP_URL: "https://example.com",
  ENCRYPTION_KEY: "mock-encryption-key",
  ENTERPRISE_LICENSE_KEY: "mock-license-key",
+  SESSION_MAX_AGE: 1000,
 }));

 // Track the callback for useDebounce to better control when it fires