I am using nginx as a proxy between a front end and an API. When the API returns a token, nginx sets it as a cookie. The cookie will either have an expiry of 30 minutes, or 14 days if the user ticked 'remember me'
If they didn't tick remember me, I want the user to be logged out after 30 mins of inactivity, so on every request, if the cookie exists, I add it again with a new expiry of 30 minutes. However, if the user chose 'remember me' the original cookie has 14 day expiry and I don't want to shorten it!
Is there anyway to do something conditionally on based on the expiry of a cookie? Or I could store the expiry in a different cookie but I still don't know how to do anything conditionally on a date value. This is my config so far:
# Determine max-age for cookie on initial login map $arg_remember $cookie_max_age { "true" "Max-age=1209600"; "false" "Max-age=1800"; } # Make a cookie if an x_my_token header was returned by API map $sent_http_x_my_token $header_to_cookie { "" $extend_cookie; default "my_token=$sent_http_x_my_token; path=/; HttpOnly; Secure; SameSite=Strict; $cookie_max_age"; } # This map extends the cookie by 30mins if it exists map $cookie_my_token $extend_cookie { "" ""; default "my_token=$cookie_my_token; path=/; HttpOnly; Secure; SameSite=Strict; Max-age=1800"; } server { ... location /api/ { ... proxy_set_header Authorization "Bearer ${cookie_my_token}"; add_header Set-Cookie $header_to_cookie; } } Thanks for any advice
