oauthstate cookie expiration

[dimalinux]

Thank you for the excellent example! I noticed that the oauthstate cookie is configured for an entire year. If I understand correctly, it's only needed for the time when the user is redirected to Google. Would it make sense to adjust it down to 20 minutes or less?

[douglasmakey]

Hello, @dimalinux, thanks for the suggestion, I put a year just to test but I forgot to change that.