From 030d12a465e824deb9bc0e5659b0353bdfbbc8ec Mon Sep 17 00:00:00 2001
From: azivner <adam.zivner@gmail.com>
Date: Mon, 7 Jan 2019 23:29:56 +0100
Subject: [PATCH] stretch sync login token validity to 5 minutes #277

---
 src/routes/api/login.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/routes/api/login.js b/src/routes/api/login.js
index 9899ec1cc..22bdd67e2 100644
--- a/src/routes/api/login.js
+++ b/src/routes/api/login.js
@@ -23,7 +23,8 @@ async function loginSync(req) {
 
     const now = new Date();
 
-    if (Math.abs(timestamp.getTime() - now.getTime()) > 5000) {
+    // login token is valid for 5 minutes
+    if (Math.abs(timestamp.getTime() - now.getTime()) > 5 * 60 * 1000) {
         return [400, { message: 'Auth request time is out of sync' }];
     }