diff --git a/.env.template b/.env.template
index d2eb768e15abbab0c5321865d127dae7725de19c..0f8f3c31851e003e468b215332291fec4c5d5ac2 100644
--- a/.env.template
+++ b/.env.template
@@ -335,6 +335,9 @@
## Allow a burst of requests of up to this size, while maintaining the average indicated by `ADMIN_RATELIMIT_SECONDS`.
# ADMIN_RATELIMIT_MAX_BURST=3
+## Set the lifetime of the cookie that is used to authorize admin requests to this value (in minutes).
+# ADMIN_COOKIE_LIFETIME=20
+
## Yubico (Yubikey) Settings
## Set your Client ID and Secret Key for Yubikey OTP
## You can generate it here: https://upgrade.yubico.com/getapikey/
diff --git a/src/api/admin.rs b/src/api/admin.rs
index f791d779a8429d79665234cd13b411b236f509a3..92c8e3b8b1f3b714c3310d22ce71c3da26e888d2 100644
--- a/src/api/admin.rs
+++ b/src/api/admin.rs
@@ -184,7 +184,7 @@ fn post_admin_login(data: Form<LoginForm>, cookies: &CookieJar<'_>, ip: ClientIp
let cookie = Cookie::build(COOKIE_NAME, jwt)
.path(admin_path())
- .max_age(rocket::time::Duration::minutes(20))
+ .max_age(rocket::time::Duration::minutes(CONFIG.admin_cookie_lifetime()))
.same_site(SameSite::Strict)
.http_only(true)
.finish();
diff --git a/src/config.rs b/src/config.rs
index fa53c55bd5bda0949607cef277759db4e4755956..eed2a9cfc4e45bc9e2c5ec4d35bc744fb60f7811 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -581,6 +581,9 @@ make_config! {
/// Max burst size for admin login requests |> Allow a burst of requests of up to this size, while maintaining the average indicated by `admin_ratelimit_seconds`
admin_ratelimit_max_burst: u32, false, def, 3;
+ /// Admin cookie lifetime |> Set the lifetime of the cookie that is used to authorize admin requests to this value (in minutes).
+ admin_cookie_lifetime: i64, true, def, 20;
+
/// Enable groups (BETA!) (Know the risks!) |> Enables groups support for organizations (Currently contains known issues!).
org_groups_enabled: bool, false, def, false;
},