Fix session expiry: use config value, increase to 7 days
Deploy Dashboard / deploy (push) Failing after 6m38s

- LOGIN was ignoring ACCESS_TOKEN_EXPIRE_MINUTES (hardcoded 15min default)
- Pass expires_delta from config in login route
- Increase token lifetime from 30min to 7 days
This commit is contained in:
Gan, Jimmy
2026-02-19 19:44:30 +08:00
parent 36f1fc0962
commit b2c27683e3
2 changed files with 6 additions and 2 deletions
+1 -1
View File
@@ -9,7 +9,7 @@ VOLUME_ROOT = os.environ.get("VOLUME_ROOT", "/volume1")
# Auth
SECRET_KEY = os.environ.get("SECRET_KEY", "c1a776b228421830e7c7df0887adc75f74bac65aaa1fc364be96861b1f8c8701")
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30
ACCESS_TOKEN_EXPIRE_MINUTES = 60 * 24 * 7 # 7 days
ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
# Default hash for "admin" using pbkdf2_sha256 scheme to avoid bcrypt compat issues
ADMIN_PASSWORD_HASH = os.environ.get("ADMIN_PASSWORD_HASH", "$pbkdf2-sha256$29000$25tTKoUQIgQghLC2ds4ZYw$H/fCb3H5wmOkwj6l6KrVlmns0TWfzKPOrG3sgVDR.eg")
+5 -1
View File
@@ -1,3 +1,4 @@
from datetime import timedelta
from fastapi import APIRouter, Depends, HTTPException, status
from pydantic import BaseModel
import config
@@ -51,7 +52,10 @@ async def login(creds: LoginRequest):
headers={"WWW-Authenticate": "Bearer"},
)
access_token = auth.create_access_token(data={"sub": creds.username})
access_token = auth.create_access_token(
data={"sub": creds.username},
expires_delta=timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES),
)
return {
"access_token": access_token,
"token_type": "bearer",