From 2d4d88f9de9bcc5077f0355d4a7890c092130c36 Mon Sep 17 00:00:00 2001
From: Nicholas Staples <nicholas.staples@solution-tribute.com>
Date: Mon, 15 Feb 2016 11:43:16 +0000
Subject: [PATCH] Fix for bug of cookie expiry.

---
 app/its_dangerous_session.py | 2 +-
 config.py                    | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/its_dangerous_session.py b/app/its_dangerous_session.py
index 25f7aef20..e16cecc55 100644
--- a/app/its_dangerous_session.py
+++ b/app/its_dangerous_session.py
@@ -46,7 +46,7 @@ class ItsdangerousSessionInterface(SessionInterface):
                                        domain=domain)
             return
         session.permanent = True
-        expires = datetime.utcnow() + timedelta(app.config.get('PERMANENT_SESSION_LIFETIME'))
+        expires = datetime.utcnow() + timedelta(seconds=app.config.get('PERMANENT_SESSION_LIFETIME'))
         val = self.get_serializer(app).dumps(dict(session))
         response.set_cookie(app.session_cookie_name, val,
                             expires=expires, httponly=True,
diff --git a/config.py b/config.py
index bc1ae87db..39158a245 100644
--- a/config.py
+++ b/config.py
@@ -23,6 +23,7 @@ class Config(object):
     SESSION_COOKIE_HTTPONLY = True
     SESSION_COOKIE_SECURE = False
     PERMANENT_SESSION_LIFETIME = 3600  # seconds
+    SESSION_REFRESH_EACH_REQUEST = True
 
     API_HOST_NAME = os.getenv('API_HOST_NAME')
     NOTIFY_API_SECRET = os.getenv('NOTIFY_API_SECRET', "dev-secret")