From 4b0a4eee3b8dba4ae033d102631a6a0c87ecc5d5 Mon Sep 17 00:00:00 2001
From: ShipItAndPray <noreply@users.noreply.github.com>
Date: Thu, 9 Apr 2026 11:57:57 -0500
Subject: [PATCH] web: allow setting token expiration to never when editing

---
 server/server_account_test.go | 9 +++++++++
 web/src/app/AccountApi.js     | 4 ++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/server/server_account_test.go b/server/server_account_test.go
index f4b4d7c5..9aea7d4d 100644
--- a/server/server_account_test.go
+++ b/server/server_account_test.go
@@ -361,6 +361,15 @@ func TestAccount_ExtendToken(t *testing.T) {
 		require.Nil(t, err)
 		require.Equal(t, "some label", token.Label)
 		require.Equal(t, expires.Unix(), token.Expires)
+
+		body = fmt.Sprintf(`{"token":"%s", "expires": 0}`, token.Token)
+		rr = request(t, s, "PATCH", "/v1/account/token", body, map[string]string{
+			"Authorization": util.BearerAuth(token.Token),
+		})
+		require.Equal(t, 200, rr.Code)
+		token, err = util.UnmarshalJSON[apiAccountTokenResponse](io.NopCloser(rr.Body))
+		require.Nil(t, err)
+		require.Equal(t, int64(0), token.Expires)
 	})
 }
 
diff --git a/web/src/app/AccountApi.js b/web/src/app/AccountApi.js
index 5b44391d..d340c2c0 100644
--- a/web/src/app/AccountApi.js
+++ b/web/src/app/AccountApi.js
@@ -137,8 +137,8 @@ class AccountApi {
       token,
       label,
     };
-    if (expires > 0) {
-      body.expires = Math.floor(Date.now() / 1000) + expires;
+    if (expires >= 0) {
+      body.expires = expires > 0 ? Math.floor(Date.now() / 1000) + expires : 0;
     }
     console.log(`[AccountApi] Creating user access token ${url}`);
     await fetchOrThrow(url, {