Improve JWTs to be valid 1 day

src/lib/server/user_handler.ts

@@ -14,7 +14,9 @@ export const userHandler: Handle = async ({ event, resolve }) => {
   const idTokenJwt = cookies.get("id_token")
   if (idTokenJwt !== undefined) {
     try {
-      locals.id_token = jwt.verify(idTokenJwt, config.jwtSecret) as string
+      locals.id_token = (
+        jwt.verify(idTokenJwt, config.jwtSecret) as { id_token: string }
+      ).id_token
     } catch (e) {
       console.warn(`Invalid JSON Web Token for id_token: ${idTokenJwt}. ${e}`)
       cookies.delete("id_token", { path: "/" })

src/routes/auth/login_callback/+server.ts

@@ -48,17 +48,25 @@ export const POST: RequestHandler = async ({
   })
   // console.log("Received tokenSet:", tokenSet)
 
-  const user = tokenSet.claims()
+  const user = { ...tokenSet.claims() }
+  delete user.exp
+  delete user.iat
   // console.log("Received authentication claims:", user)
 
   if (tokenSet.id_token !== undefined) {
-    cookies.set("id_token", jwt.sign(tokenSet.id_token, config.jwtSecret), {
+    cookies.set(
+      "id_token",
+      jwt.sign({ id_token: tokenSet.id_token }, config.jwtSecret, {
+        expiresIn: "1d",
+      }),
+      {
         httpOnly: true,
         path: "/",
         secure: true,
-    })
+      },
+    )
   }
-  cookies.set("user", jwt.sign(user, config.jwtSecret), {
+  cookies.set("user", jwt.sign(user, config.jwtSecret, { expiresIn: "1d" }), {
     httpOnly: true,
     path: "/",
     secure: true,