From ab80279e7db2e36ff2c59bf336f3eb0072b626f4 Mon Sep 17 00:00:00 2001
From: Robert Raposa <rraposa@edx.org>
Date: Thu, 16 Jan 2025 15:42:32 -0500
Subject: [PATCH] feat: Make SESSION_COOKIE_AGE explicit

Making SESSION_COOKIE_AGE explicit to make it more clear
that we have a session timeout, and how long it is.
---
 lms/envs/production.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lms/envs/production.py b/lms/envs/production.py
index 3ea1c952e479..c22b358fadcd 100644
--- a/lms/envs/production.py
+++ b/lms/envs/production.py
@@ -70,6 +70,9 @@ def get_env_setting(setting):
 EMAIL_HOST = 'localhost'
 EMAIL_PORT = 25
 EMAIL_USE_TLS = False
+# Makes the session timeout explicit, even though 1209600 (2 weeks, in
+# seconds) is Django's default.
+SESSION_COOKIE_AGE: 1209600
 SESSION_COOKIE_DOMAIN = None
 SESSION_COOKIE_HTTPONLY = True
 AWS_SES_REGION_NAME = 'us-east-1'