Add configurable JWT expiration time config option

.example.env

@@ -26,6 +26,7 @@ BACKEND_URL=URL
 # Backend - API
 BACKEND_API_GRAPHQL_PLAYGROUND=false
 BACKEND_API_JWT_SECRET=
+BACKEND_API_JWT_EXPIRATION=360
 # Backend - Worker
 # Backend - SMTP
 BACKEND_SMTP_HELO=

docker-compose.yml

@@ -79,6 +79,7 @@ services:
       BACKEND_URL: ${URL}
       BACKEND_API_GRAPHQL_PLAYGROUND: ${BACKEND_API_GRAPHQL_PLAYGROUND}
       BACKEND_API_JWT_SECRET: ${BACKEND_API_JWT_SECRET}
+      BACKEND_API_JWT_EXPIRATION: ${BACKEND_API_JWT_EXPIRATION}
       BACKEND_SMTP_HELO: ${BACKEND_SMTP_HELO}
       BACKEND_SMTP_HOST: ${BACKEND_SMTP_HOST}
       BACKEND_SMTP_PORT: ${BACKEND_SMTP_PORT}

docker/backend/src/backend/api/schema/mutation.cr

@@ -33,7 +33,7 @@ module Backend
             user: User.new(user),
             token: Auth.create_user_jwt(
               user.id.not_nil!.to_i,
-              (Time.utc + (user.admin ? Time::Span.new(hours: 6) : Time::Span.new(days: 1))).to_unix
+              (Time.utc + Backend.config.api.jwt_expiration.minutes).to_unix
             ),
           )
         end

docker/backend/src/backend/config.cr

@@ -87,6 +87,9 @@ module Backend
       # JWT signing key
       getter jwt_secret : String
 
+      # JWT expiration time in minutes
+      getter jwt_expiration : Int32
+
       # Helper method for enabling GraphQL playground
       #
       # Returns `true` if `Config#development?` or `#graphql_playground` are