Browse Source

Add support for configurable OAuth tokens and refresh tokens lifetime

Previously, the lifetime of tokens and refresh tokens was hardcoded at
15 and 30 days.

Some instances administrators may wish to change these values.

This makes these two values configurable with the two .env variables:
OAUTH_TOKEN_DAYS and OAUTH_REFRESH_DAYS which are the lifetime in days
for these two tokens and refresh tokens.
delthas 4 years ago
parent
commit
748a3be46d
2 changed files with 4 additions and 2 deletions
  1. 2 2
      app/Providers/AuthServiceProvider.php
  2. 2 0
      config/instance.php

+ 2 - 2
app/Providers/AuthServiceProvider.php

@@ -28,8 +28,8 @@ class AuthServiceProvider extends ServiceProvider
 
         if(config('pixelfed.oauth_enabled')) {
             Passport::routes(null, ['middleware' => ['twofactor', \Fruitcake\Cors\HandleCors::class]]);
-            Passport::tokensExpireIn(now()->addDays(15));
-            Passport::refreshTokensExpireIn(now()->addDays(30));
+            Passport::tokensExpireIn(now()->addDays(config('instance.oauth.token_expiration')));
+            Passport::refreshTokensExpireIn(now()->addDays(config('instance.oauth.refresh_expiration')));
             Passport::enableImplicitGrant();
             if(config('instance.oauth.pat.enabled')) {
                 Passport::personalAccessClientId(config('instance.oauth.pat.id'));

+ 2 - 0
config/instance.php

@@ -55,6 +55,8 @@ return [
 	],
 
 	'oauth' => [
+		'token_expiration' => env('OAUTH_TOKEN_DAYS', 15),
+		'refresh_expiration' => env('OAUTH_REFRESH_DAYS', 30),
 		'pat' => [
 			'enabled' => env('OAUTH_PAT_ENABLED', false),
 			'id' 	  => env('OAUTH_PAT_ID'),