From 4a3028f61ae688558e1e59b52225d6a50c1adc96 Mon Sep 17 00:00:00 2001
From: Derrick Hammer <derrick@derrickhammer.com>
Date: Wed, 20 Mar 2024 14:56:18 -0400
Subject: [PATCH] fix: cookies sent to us don't include the expiry time, so we
 need to parse from thr jwt echo it.

---
 account/jwt.go | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/account/jwt.go b/account/jwt.go
index d528b32..730c607 100644
--- a/account/jwt.go
+++ b/account/jwt.go
@@ -143,10 +143,22 @@ func EchoAuthCookie(jc jape.Context, apiName string) {
 			continue
 		}
 
+		unverified, _, err := jwt.NewParser().ParseUnverified(cookies[0].Value, &jwt.RegisteredClaims{})
+		if err != nil {
+			http.Error(jc.ResponseWriter, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		exp, err := unverified.Claims.GetExpirationTime()
+		if err != nil {
+			http.Error(jc.ResponseWriter, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
 		http.SetCookie(jc.ResponseWriter, &http.Cookie{
 			Name:     cookies[0].Name,
 			Value:    cookies[0].Value,
-			Expires:  cookies[0].Expires,
+			Expires:  exp.Time,
 			Secure:   true,
 			HttpOnly: true,
 			Path:     "/",