feat: make user session timeout configurable (#2753)

Co-authored-by: Oleg Lobanov <oleg@lobanov.me>

settings/settings.go

@@ -2,7 +2,9 @@ package settings
 
 import (
 	"crypto/rand"
+	"log"
 	"strings"
+	"time"
 
 	"github.com/filebrowser/filebrowser/v2/rules"
 )
@@ -47,6 +49,7 @@ type Server struct {
 	EnableExec            bool   `json:"enableExec"`
 	TypeDetectionByHeader bool   `json:"typeDetectionByHeader"`
 	AuthHook              string `json:"authHook"`
+	TokenExpirationTime   string `json:"tokenExpirationTime"`
 }
 
 // Clean cleans any variables that might need cleaning.
@@ -54,6 +57,19 @@ func (s *Server) Clean() {
 	s.BaseURL = strings.TrimSuffix(s.BaseURL, "/")
 }
 
+func (s *Server) GetTokenExpirationTime(fallback time.Duration) time.Duration {
+	if s.TokenExpirationTime == "" {
+		return fallback
+	}
+
+	if duration, err := time.ParseDuration(s.TokenExpirationTime); err == nil {
+		return duration
+	} else {
+		log.Printf("[WARN] Failed to parse tokenExpirationTime: %v", err)
+		return fallback
+	}
+}
+
 // GenerateKey generates a key of 512 bits.
 func GenerateKey() ([]byte, error) {
 	b := make([]byte, 64) //nolint:gomnd