package auth import ( "time" ) const ( // The key name used to store user id in the context // user id is extracted from the jwt token subject field. UserIDContextKey = "user-id" // issuer is the issuer of the jwt token. Issuer = "memos" // Signing key section. For now, this is only used for signing, not for verifying since we only // have 1 version. But it will be used to maintain backward compatibility if we change the signing mechanism. KeyID = "v1" // AccessTokenAudienceName is the audience name of the access token. AccessTokenAudienceName = "user.access-token" AccessTokenDuration = 7 * 24 * time.Hour // CookieExpDuration expires slightly earlier than the jwt expiration. Client would be logged out if the user // cookie expires, thus the client would always logout first before attempting to make a request with the expired jwt. CookieExpDuration = AccessTokenDuration - 1*time.Minute // AccessTokenCookieName is the cookie name of access token. AccessTokenCookieName = "memos.access-token" )