Fix session expiry: use config value, increase to 7 days

- LOGIN was ignoring ACCESS_TOKEN_EXPIRE_MINUTES (hardcoded 15min default)
- Pass expires_delta from config in login route
- Increase token lifetime from 30min to 7 days
This commit is contained in:
Gan, Jimmy
2026-02-19 19:44:30 +08:00
parent ee2e5dcb3c
commit 197b7c1cbb
2 changed files with 6 additions and 2 deletions
+1 -1
View File
@@ -9,7 +9,7 @@ VOLUME_ROOT = os.environ.get("VOLUME_ROOT", "/volume1")
# Auth
SECRET_KEY = os.environ.get("SECRET_KEY", "c1a776b228421830e7c7df0887adc75f74bac65aaa1fc364be96861b1f8c8701")
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30
ACCESS_TOKEN_EXPIRE_MINUTES = 60 * 24 * 7 # 7 days
ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
# Default hash for "admin" using pbkdf2_sha256 scheme to avoid bcrypt compat issues
ADMIN_PASSWORD_HASH = os.environ.get("ADMIN_PASSWORD_HASH", "$pbkdf2-sha256$29000$25tTKoUQIgQghLC2ds4ZYw$H/fCb3H5wmOkwj6l6KrVlmns0TWfzKPOrG3sgVDR.eg")