From 563510e451c4b9da820a68006b327413b23d0c30 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Thu, 21 Jan 2021 11:48:12 +0100
Subject: [PATCH] Extend the USER_SESSION_LIFETIME to 60 days

---
 .../files/lib/system/session/SessionHandler.class.php     | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index 14b8742486..f0b5022de5 100644
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -135,7 +135,7 @@ final class SessionHandler extends SingletonFactory {
 	
 	private const ACP_SESSION_LIFETIME = 2 * 3600;
 	private const GUEST_SESSION_LIFETIME = 2 * 3600;
-	private const USER_SESSION_LIFETIME = 14 * 86400;
+	private const USER_SESSION_LIFETIME = 60 * 86400;
 	
 	private const CHANGE_USER_AFTER_MULTIFACTOR_KEY = self::class."\0__changeUserAfterMultifactor__";
 	private const PENDING_USER_LIFETIME = 15 * 60;
@@ -292,9 +292,13 @@ final class SessionHandler extends SingletonFactory {
 	
 	/**
 	 * Returns the current time step. The time step changes
-	 * every 6 hours.
+	 * every 24 hours.
 	 */
 	private function getCookieTimestep(): int {
+		$window = (24 * 3600);
+		
+		\assert((self::USER_SESSION_LIFETIME / $window) < 0xFF);
+		
 		return floor(TIME_NOW / (6 * 3600)) & 0xFF;
 	}
 	
-- 
2.20.1