🔒 fix: Session Expiry Management for OpenID/SAML (#11407)

- Added session cookie options for OpenID and SAML configurations, including maxAge and secure attributes based on the environment.
    - Introduced DEFAULT_SESSION_EXPIRY from data-schemas for better session handling.

api/server/socialLogins.js

@@ -1,8 +1,8 @@
 const passport = require('passport');
 const session = require('express-session');
 const { isEnabled } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { CacheKeys } = require('librechat-data-provider');
+const { logger, DEFAULT_SESSION_EXPIRY } = require('@librechat/data-schemas');
 const {
   openIdJwtLogin,
   facebookLogin,
@@ -22,11 +22,17 @@ const { getLogStores } = require('~/cache');
  */
 async function configureOpenId(app) {
   logger.info('Configuring OpenID Connect...');
+  const isProduction = process.env.NODE_ENV === 'production';
+  const sessionExpiry = Number(process.env.SESSION_EXPIRY) || DEFAULT_SESSION_EXPIRY;
   const sessionOptions = {
     secret: process.env.OPENID_SESSION_SECRET,
     resave: false,
     saveUninitialized: false,
     store: getLogStores(CacheKeys.OPENID_SESSION),
+    cookie: {
+      maxAge: sessionExpiry,
+      secure: isProduction,
+    },
   };
   app.use(session(sessionOptions));
   app.use(passport.session());
@@ -82,11 +88,17 @@ const configureSocialLogins = async (app) => {
     process.env.SAML_SESSION_SECRET
   ) {
     logger.info('Configuring SAML Connect...');
+    const isProduction = process.env.NODE_ENV === 'production';
+    const sessionExpiry = Number(process.env.SESSION_EXPIRY) || DEFAULT_SESSION_EXPIRY;
     const sessionOptions = {
       secret: process.env.SAML_SESSION_SECRET,
       resave: false,
       saveUninitialized: false,
       store: getLogStores(CacheKeys.SAML_SESSION),
+      cookie: {
+        maxAge: sessionExpiry,
+        secure: isProduction,
+      },
     };
     app.use(session(sessionOptions));
     app.use(passport.session());