diff --git a/apps/server/src/auth/auth.routes.ts b/apps/server/src/auth/auth.routes.ts
index f0355a3..652916c 100644
--- a/apps/server/src/auth/auth.routes.ts
+++ b/apps/server/src/auth/auth.routes.ts
@@ -26,12 +26,17 @@ router.post("/login", loginLimiter, async (req, res) => {
 httpOnly: true,
 sameSite: "lax",
 secure: !isDev,
+ maxAge: 60 * 24 * 60 * 60 * 1000,
 });
 return res.json({ username: user.username });
 });
 router.post("/logout", (_req, res) => {
- res.clearCookie("qbuffer_token");
+ res.clearCookie("qbuffer_token", {
+ httpOnly: true,
+ sameSite: "lax",
+ secure: !isDev,
+ });
 return res.json({ ok: true });
 });
diff --git a/apps/server/src/auth/auth.service.ts b/apps/server/src/auth/auth.service.ts
index 15bcaf3..0f5b63e 100644
--- a/apps/server/src/auth/auth.service.ts
+++ b/apps/server/src/auth/auth.service.ts
@@ -40,7 +40,7 @@ export const verifyCredentials = async (username: string, password: string) => {
 };
 export const signToken = (payload: { username: string }) => {
- return jwt.sign(payload, config.jwtSecret, { expiresIn: "7d" });
+ return jwt.sign(payload, config.jwtSecret, { expiresIn: "60d" });
 };
 export const verifyToken = (token: string) => {
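Review bot: The `/logout` handler only removes the browser's copy of `qbuffer_token`; nothing in this hunk invalidates the JWT itself, so a token that was copied before logout stays usable until its `exp`. With the signed lifetime raised to 60 days in this same commit (the `signToken` hunk in auth.service.ts), that window grows from a week to about two months. `verifyToken` is cut off at the end of the diff, so whether it consults a revocation list or a per-user token version cannot be seen here; if it does not, consider adding one, or keep the signed lifetime short and renew it on activity. At minimum, a comment on the handler such as `// Clears the cookie only; the JWT stays valid until exp (no server-side revocation).` would document the limitation.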
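Review bot: The 60-day lifetime is now written twice in different units, `expiresIn: "60d"` here and `maxAge: 60 * 24 * 60 * 60 * 1000` in auth.routes.ts, and nothing ties the two together. If one is changed without the other, the browser either keeps sending a token the server already rejects or drops a still-valid one early. A single exported constant would keep them in step, e.g. `export const TOKEN_TTL_SECONDS = 60 * 24 * 60 * 60;` used as `expiresIn: TOKEN_TTL_SECONDS` and `maxAge: TOKEN_TTL_SECONDS * 1000` (assuming `jwt` is the jsonwebtoken package, where a numeric `expiresIn` is read as seconds). The body of `verifyToken` lies outside the hunk, so how expiry is enforced on the read side is not visible here.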