- **Authentication & Lifespan Updates:** Add @asynccontextmanager for application lifecycle management, including startup/shutdown handling and daily session cleanup scheduling. Reduce token expiration from 24 hours to 15 minutes for enhanced security. Streamline superuser field validation via schema, removing redundant defensive checks.

backend/app/services/auth_service.py

@@ -14,17 +14,13 @@ from app.core.auth import (
     TokenExpiredError,
     TokenInvalidError
 )
+from app.core.exceptions import AuthenticationError
 from app.models.user import User
 from app.schemas.users import Token, UserCreate, UserResponse
 
 logger = logging.getLogger(__name__)
 
 
-class AuthenticationError(Exception):
-    """Exception raised for authentication errors"""
-    pass
-
-
 class AuthService:
     """Service for handling authentication operations"""
 
@@ -144,7 +140,7 @@ class AuthService:
             access_token=access_token,
             refresh_token=refresh_token,
             user=user_response,
-            expires_in=86400  # 24 hours in seconds (matching ACCESS_TOKEN_EXPIRE_MINUTES)
+            expires_in=900  # 15 minutes in seconds (matching ACCESS_TOKEN_EXPIRE_MINUTES)
         )
 
     @staticmethod