From 6a5018189497fa90113ff542abf7c1e796a7e284 Mon Sep 17 00:00:00 2001
From: Jascha Pearson <47342646+jcap97@users.noreply.github.com>
Date: Thu, 3 Oct 2024 20:22:35 +0800
Subject: [PATCH] fix(nuxt): session cookie max age

The maxAge being set to cookie browser is equal to 432,000,000 seconds = 5,000 days

Root cause: The maxAge in setCookie() method from 'h3' has unit of seconds. Meanwhile, the expiresIn in firebase admin.createSessionCookie() has a unit of milliseconds.
---
 packages/nuxt/src/runtime/auth/api.session-verification.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/nuxt/src/runtime/auth/api.session-verification.ts b/packages/nuxt/src/runtime/auth/api.session-verification.ts
index 6de46341..315648da 100644
--- a/packages/nuxt/src/runtime/auth/api.session-verification.ts
+++ b/packages/nuxt/src/runtime/auth/api.session-verification.ts
@@ -37,7 +37,7 @@ export default defineEventHandler(async (event) => {
       setResponseStatus(event, 301)
     } else {
       const cookie = await adminAuth
-        .createSessionCookie(token!, { expiresIn: AUTH_COOKIE_MAX_AGE })
+        .createSessionCookie(token!, { expiresIn: AUTH_COOKIE_MAX_AGE * 1_000 })
         .catch((e: any) => {
           logger.error('Error minting the cookie', e)
         })
@@ -73,7 +73,7 @@ export default defineEventHandler(async (event) => {
 
 // these must be within this file because the handler gets inlined in dev mode
 const ID_TOKEN_MAX_AGE = 5 * 60
-const AUTH_COOKIE_MAX_AGE = 60 * 60 * 24 * 5 * 1_000
+const AUTH_COOKIE_MAX_AGE = 60 * 60 * 24 * 5
 // MUST be named session to be kept
 // https://firebase.google.com/docs/hosting/manage-cache#using_cookies
 const AUTH_COOKIE_NAME = '__session'