From 96e8e9736f31100cb175077ba515c6b6d84ab2f7 Mon Sep 17 00:00:00 2001
From: PfaffIC <pfaff@interconnect.de>
Date: Mon, 13 Nov 2023 11:28:58 +0100
Subject: [PATCH] Added auth cookie expiration for external login via OAuth2.

Auth cookie expiration time ist set to value provided in Setting "LoginOptions:CookieExpiration" (if provided).
---
 .../OqtaneSiteAuthenticationBuilderExtensions.cs          | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
index 8ef2f7ad..72844b94 100644
--- a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
+++ b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
@@ -213,6 +213,14 @@ namespace Oqtane.Extensions
             // pass properties to OnTicketReceived
             context.Properties.SetParameter("status", identity.Label);
             context.Properties.SetParameter("redirecturl", context.Properties.RedirectUri);
+
+            // set cookie expiration
+            string cookieExpStr = context.HttpContext.GetSiteSettings().GetValue("LoginOptions:CookieExpiration", "");
+            if (!string.IsNullOrEmpty(cookieExpStr) && TimeSpan.TryParse(cookieExpStr, out TimeSpan cookieExpTS))
+            {
+                context.Properties.ExpiresUtc = DateTime.Now.Add(cookieExpTS);
+                context.Properties.IsPersistent = true;
+            }
         }
 
         private static Task OnTicketReceived(TicketReceivedContext context)