diff --git a/Cargo.lock b/Cargo.lock
index 5259c59..a4b1b06 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2673,6 +2673,7 @@ dependencies = [
  "rocket_dyn_templates",
  "rss",
  "sqlx",
+ "time",
  "tokio",
  "url",
  "uuid",
diff --git a/Cargo.toml b/Cargo.toml
index b05e70f..2606023 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -19,3 +19,4 @@ url = { version = "2.5", features = ["serde"] }
 feed-rs = "2.3.1"
 reqwest = { version = "0.12.12", features = ["json"] }
 tokio = "1.43.0"
+time = "0.3.37"
diff --git a/src/user.rs b/src/user.rs
index cdb83dc..1e2ec8e 100644
--- a/src/user.rs
+++ b/src/user.rs
@@ -1,3 +1,5 @@
+use time::Duration;
+
 use rocket::http::{Cookie, CookieJar, Status};
 use rocket::serde::{json::Json, Deserialize, Serialize};
 use rocket_db_pools::Connection;
@@ -219,7 +221,12 @@ pub async fn login(
 
     // Set session cookie
     let user_id = Uuid::parse_str(&user.id).map_err(|_| Status::InternalServerError)?;
-    cookies.add_private(Cookie::new("user_id", user_id.to_string()));
+
+    //TODO make this user-configurable
+    let max_age = Duration::days(6);
+    let mut cookie = Cookie::new("user_id", user_id.to_string());
+    cookie.set_max_age(max_age);
+    cookies.add_private(cookie);
 
     Ok(Json(LoginResponse {
         user_id,