diff --git a/src/Http/Request/Auth/EmailAuthRequest.php b/src/Http/Request/Auth/EmailAuthRequest.php
index 8a6e0ae..390e5bd 100644
--- a/src/Http/Request/Auth/EmailAuthRequest.php
+++ b/src/Http/Request/Auth/EmailAuthRequest.php
@@ -20,7 +20,7 @@
 
 class EmailAuthRequest extends Request
 {
-    const EXPIRATION_TIME = '+4 hours';
+    const EXPIRATION_TIME = '4hours';
     
     public function __construct(
         private readonly EntityManager   $em,
@@ -66,7 +66,9 @@ public function process(array $data): Response
         $token->setSourceId($user->getId());
         $this->em->persist($token);
         
-        $expiration = (new \DateTime())->modify(self::EXPIRATION_TIME);
+        $time = array_key_exists('AUTH_EXPIRATION', $_ENV) ? $_ENV['AUTH_EXPIRATION'] : self::EXPIRATION_TIME;
+        
+        $expiration = (new \DateTime())->modify('+' . $time);
         $immutable = \DateTimeImmutable::createFromMutable($expiration);
         $claims = $this->claims->format($user, $token);
         $jwt = $this->jwt->createToken($immutable, $claims);
diff --git a/src/Subscriber/AuthRequest.php b/src/Subscriber/AuthRequest.php
index f50f291..d44d96d 100644
--- a/src/Subscriber/AuthRequest.php
+++ b/src/Subscriber/AuthRequest.php
@@ -132,17 +132,22 @@ public function onRequest(RequestEvent $event): void
         /** @var IAuthenticable $user */
         $this->authUser->setAuthUser($user);
         
-        $claimsResources = $claims->get('user')['resources'];
-        $authResources = $this->authUser->getResources();
-        
-        sort($claimsResources);
-        sort($authResources);
-        
-        $requestResources = implode('|', $claimsResources);
-        $userResources = implode('|', $authResources);
-        
-        if ($userResources !== $requestResources) {
-            $this->sendError('User permissions have been changed');
+        // Don't watch only if strict mode is off
+        $watch = !(array_key_exists('AUTH_STRICT_RESOURCES', $_ENV) && $_ENV['AUTH_STRICT_RESOURCES'] === 'false');
+        
+        if ($watch) {
+            $claimsResources = $claims->get('user')['resources'];
+            $authResources = $this->authUser->getResources();
+            
+            sort($claimsResources);
+            sort($authResources);
+            
+            $requestResources = implode('|', $claimsResources);
+            $userResources = implode('|', $authResources);
+            
+            if ($userResources !== $requestResources) {
+                $this->sendError('User permissions have been changed');
+            }
         }
     }