From 747e115152216a5b02282830a4099c2ca248c7fe Mon Sep 17 00:00:00 2001
From: Max Froumentin <max.froumentin@digital.cabinet-office.gov.uk>
Date: Mon, 9 Sep 2024 14:59:23 +0100
Subject: [PATCH] Reduce the session timeout

The default session timeout is 2 weeks, which is too long
for our usage. Reduce it to 24 hours
---
 request_a_govuk_domain/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/request_a_govuk_domain/settings.py b/request_a_govuk_domain/settings.py
index 40aa84b0..1cf5a18e 100644
--- a/request_a_govuk_domain/settings.py
+++ b/request_a_govuk_domain/settings.py
@@ -257,6 +257,9 @@
     CSRF_FAILURE_VIEW = "request_a_govuk_domain.request.views.csrf_failure_view"
     SESSION_COOKIE_SECURE = True
 
+# Set session (end-user or admin) to expire in 24 hours
+SESSION_COOKIE_AGE = 24 * 60 * 60
+
 # Content Security Policy: only allow images, stylesheets and scripts from the
 # same origin as the HTML
 CSP_IMG_SRC = "'self'"