From dacb20fc2a6823e1b158256d4c8b899aa1553e0a Mon Sep 17 00:00:00 2001
From: zhangzhenghao <zhangzhenghao@users.noreply.github.com>
Date: Mon, 27 Apr 2026 13:51:07 +0800
Subject: [PATCH] fix: refresh session on auth check to prevent premature
 expiration

After moving auth check to frontend, session.permanent was removed from
the index route. This caused sessions to expire based on default timeout
without being refreshed. Now /api/me refreshes the session on each auth
check, matching the previous behavior.
---
 app.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app.py b/app.py
index 606bbed..320856d 100644
--- a/app.py
+++ b/app.py
@@ -277,6 +277,7 @@ def page_not_found(e):
 @app.route("/api/me")
 def get_me():
     if current_user.is_authenticated:
+        session.permanent = True  # Refresh session on auth check
         return Response(
             json.dumps({"is_authenticated": True, "login": current_user.login}),
             mimetype="application/json"