From 4c98c2cce13147d57a6a5b1c1aa697e01db41a80 Mon Sep 17 00:00:00 2001
From: "soroush.asadi" <soroush.asadi@aliasaas.com>
Date: Tue, 2 Jun 2026 23:47:06 +0330
Subject: [PATCH] feat(auth): extend token lifetimes for long offline gaps
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

A user can be offline for months (offline-first dashboard) and must stay logged
in / be able to sync on reconnect. Access 7d→30d, refresh 30d→365d, so a ~3-month
offline gap still has a valid refresh token on reconnect (queued writes sync, no
forced logout). Client only logs out on a server 401, never while offline.
---
 src/Meezi.API/appsettings.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Meezi.API/appsettings.json b/src/Meezi.API/appsettings.json
index c4a14e2..5d705b2 100644
--- a/src/Meezi.API/appsettings.json
+++ b/src/Meezi.API/appsettings.json
@@ -7,8 +7,8 @@
     "Key": "meezi-dev-secret-key-min-32-chars!!",
     "Issuer": "meezi",
     "Audience": "meezi",
-    "AccessTokenExpiryDays": 7,
-    "RefreshTokenExpiryDays": 30
+    "AccessTokenExpiryDays": 30,
+    "RefreshTokenExpiryDays": 365
   },
   "App": {
     "PublicBaseUrl": "https://localhost:7208",