Fix session expiry: use config value, increase to 7 days
Deploy Dashboard / deploy (push) Failing after 6m38s
Deploy Dashboard / deploy (push) Failing after 6m38s
- LOGIN was ignoring ACCESS_TOKEN_EXPIRE_MINUTES (hardcoded 15min default) - Pass expires_delta from config in login route - Increase token lifetime from 30min to 7 days
This commit is contained in:
@@ -9,7 +9,7 @@ VOLUME_ROOT = os.environ.get("VOLUME_ROOT", "/volume1")
|
|||||||
# Auth
|
# Auth
|
||||||
SECRET_KEY = os.environ.get("SECRET_KEY", "c1a776b228421830e7c7df0887adc75f74bac65aaa1fc364be96861b1f8c8701")
|
SECRET_KEY = os.environ.get("SECRET_KEY", "c1a776b228421830e7c7df0887adc75f74bac65aaa1fc364be96861b1f8c8701")
|
||||||
ALGORITHM = "HS256"
|
ALGORITHM = "HS256"
|
||||||
ACCESS_TOKEN_EXPIRE_MINUTES = 30
|
ACCESS_TOKEN_EXPIRE_MINUTES = 60 * 24 * 7 # 7 days
|
||||||
ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
|
ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
|
||||||
# Default hash for "admin" using pbkdf2_sha256 scheme to avoid bcrypt compat issues
|
# Default hash for "admin" using pbkdf2_sha256 scheme to avoid bcrypt compat issues
|
||||||
ADMIN_PASSWORD_HASH = os.environ.get("ADMIN_PASSWORD_HASH", "$pbkdf2-sha256$29000$25tTKoUQIgQghLC2ds4ZYw$H/fCb3H5wmOkwj6l6KrVlmns0TWfzKPOrG3sgVDR.eg")
|
ADMIN_PASSWORD_HASH = os.environ.get("ADMIN_PASSWORD_HASH", "$pbkdf2-sha256$29000$25tTKoUQIgQghLC2ds4ZYw$H/fCb3H5wmOkwj6l6KrVlmns0TWfzKPOrG3sgVDR.eg")
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
from datetime import timedelta
|
||||||
from fastapi import APIRouter, Depends, HTTPException, status
|
from fastapi import APIRouter, Depends, HTTPException, status
|
||||||
from pydantic import BaseModel
|
from pydantic import BaseModel
|
||||||
import config
|
import config
|
||||||
@@ -51,7 +52,10 @@ async def login(creds: LoginRequest):
|
|||||||
headers={"WWW-Authenticate": "Bearer"},
|
headers={"WWW-Authenticate": "Bearer"},
|
||||||
)
|
)
|
||||||
|
|
||||||
access_token = auth.create_access_token(data={"sub": creds.username})
|
access_token = auth.create_access_token(
|
||||||
|
data={"sub": creds.username},
|
||||||
|
expires_delta=timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES),
|
||||||
|
)
|
||||||
return {
|
return {
|
||||||
"access_token": access_token,
|
"access_token": access_token,
|
||||||
"token_type": "bearer",
|
"token_type": "bearer",
|
||||||
|
|||||||
Reference in New Issue
Block a user