From 6b85802d7e1b3540c0ceec0804b20be63626114b Mon Sep 17 00:00:00 2001
From: Liam Bigelow <40188355+bglw@users.noreply.github.com>
Date: Mon, 9 Jun 2025 10:39:25 +1200
Subject: [PATCH] Stop overflowing jwt expiration dates

---
 truncate_server/src/storage/accounts.rs | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/truncate_server/src/storage/accounts.rs b/truncate_server/src/storage/accounts.rs
index 7417cc62..3537f629 100644
--- a/truncate_server/src/storage/accounts.rs
+++ b/truncate_server/src/storage/accounts.rs
@@ -29,8 +29,7 @@ struct PlayerClaims {
 }
 
 pub fn get_player_token(server_state: &ServerState, player_id: Uuid) -> AuthedTruncateToken {
-    let claims =
-        Claims::with_custom_claims(PlayerClaims { player_id }, Duration::from_days(100000));
+    let claims = Claims::with_custom_claims(PlayerClaims { player_id }, Duration::from_days(2000));
 
     let token = server_state
         .jwt_key
@@ -54,7 +53,21 @@ pub fn auth_player_token(
 ) -> Result<AuthedTruncateToken, jwt_simple::Error> {
     server_state
         .jwt_key
-        .verify_token::<PlayerClaims>(&token, None)
+        .verify_token::<PlayerClaims>(
+            &token,
+            Some(VerificationOptions {
+                reject_before: None,
+                accept_future: true,
+                required_subject: None,
+                required_key_id: None,
+                required_public_key: None,
+                required_nonce: None,
+                allowed_issuers: None,
+                allowed_audiences: None,
+                time_tolerance: Some(Duration::from_days(2000)),
+                max_validity: Some(Duration::from_days(2000)),
+            }),
+        )
         .map(|t| AuthedTruncateToken {
             token,
             player_id: t.custom.player_id,