mozilla-releng / balrog / #4994

90%

main: 89%

Pull #3563

circleci

Set auth0 sessionCheckExpiryDays to 7 days to match the token expiry

When authenticating through auth0, we get a token that is valid for
7 days. We cannot refresh that token but after
ce2e38dec, we started validating it.

During validation, the auth0 library checks the
`auth0.{...}.is.authenticated` cookie to verify that you're authed to
auth0 itself on top of validating that the JWT hasn't expired. By
default that cookie is only valid for a day so it would expire way
before the JWT, leading to the check thinking that said JWT had expired,
leading to the user getting logged out.

By matching the length of the JWT expiry and the `is.authenticated`,
we're hopefully only going to be logged out once a week instead of once
a day.

2167 of 2544 branches covered (85.18%)

Branch coverage included in aggregate %.

5722 of 6218 relevant lines covered (92.02%)

0.92 hits per line