From 42227636036caf081db028bef69f36e7c9b89d18 Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Tue, 19 May 2026 19:10:32 +0000
Subject: [PATCH] feat: Set login session cookie expiry to 365 days

Co-authored-by: aider (gemini/gemini-2.5-pro) <aider@aider.chat>
---
 app/app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/app.py b/app/app.py
index f2daa72..c3ac2b1 100644
--- a/app/app.py
+++ b/app/app.py
@@ -66,7 +66,7 @@ logging.getLogger("httpx").setLevel(logging.WARNING)
 logger = logging.getLogger("immich_drop")
 
 # Cookie-based session for short-lived auth token storage (no persistence)
-app.add_middleware(SessionMiddleware, secret_key=SETTINGS.session_secret, same_site="lax")
+app.add_middleware(SessionMiddleware, secret_key=SETTINGS.session_secret, same_site="lax", max_age=365 * 24 * 60 * 60)
 
 FRONTEND_DIR = os.path.join(os.path.dirname(os.path.dirname(__file__)), "frontend")
 app.mount("/static", StaticFiles(directory=FRONTEND_DIR), name="static")