maxAge option incorrectly handles values expressed in number of milliseconds

[zaak]

As stated in the docs:

maxAge: the maximum allowed age for tokens to still be valid. Currently it is expressed in milliseconds or a string describing a time span zeit/ms. Eg: 1000, "2 days", "10h", "7d". (...)

But if you pass a number, it's converted to string by ms call here, as there's no typeof check for options.maxAge. Because of this all the following validation logic is broken in this case.

[ziluvatar]

Thanks @zaak!! There was an issue about how using milliseconds does not match quite well with JWT, however, we didn't realize that it actually does not work at all. The good part is that we can fix both at same time, making the code work with number (only for seconds) right away.

[ziluvatar]

Fix: #349