From 90dd91c6cd4671faf4c1ba7bb9a12e02df9ade57 Mon Sep 17 00:00:00 2001
From: Joe <79627742+ZhouhaoJiang@users.noreply.github.com>
Date: Mon, 21 Oct 2024 18:14:26 +0800
Subject: [PATCH] fix: TOKEN_EXPIRY_MINUTES (#9557)
---
 api/.env.example | 5 ++++-
 api/configs/feature/__init__.py | 12 ++++++------
 api/libs/helper.py | 6 +++---
 docker/.env.example | 4 ++--
 docker/docker-compose.yaml | 2 +-
 5 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/api/.env.example b/api/.env.example
index 22097ad2a0..33c58ed691 100644
--- a/api/.env.example
+++ b/api/.env.example
@@ -329,4 +329,7 @@ POSITION_TOOL_EXCLUDES=
 POSITION_PROVIDER_PINS=
 POSITION_PROVIDER_INCLUDES=
-POSITION_PROVIDER_EXCLUDES=
\ No newline at end of file
+POSITION_PROVIDER_EXCLUDES=
+
+# Reset password token expiry minutes
+RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
diff --git a/api/configs/feature/__init__.py b/api/configs/feature/__init__.py
index 2e4a09518b..307bc94a79 100644
--- a/api/configs/feature/__init__.py
+++ b/api/configs/feature/__init__.py
@@ -27,9 +27,9 @@ class SecurityConfig(BaseSettings):
 default="",
 )
- RESET_PASSWORD_TOKEN_EXPIRY_HOURS: PositiveInt = Field(
- description="Duration in hours for which a password reset token remains valid",
- default=24,
+ RESET_PASSWORD_TOKEN_EXPIRY_MINUTES: PositiveInt = Field(
+ description="Duration in minutes for which a password reset token remains valid",
+ default=5,
 )
@@ -652,9 +652,9 @@ class LoginConfig(BaseSettings):
 description="whether to enable github/google oauth login",
 default=False,
 )
- EMAIL_CODE_LOGIN_TOKEN_EXPIRY_HOURS: PositiveFloat = Field(
- description="expiry time in hours for email code login token",
- default=1 / 12,
+ EMAIL_CODE_LOGIN_TOKEN_EXPIRY_MINUTES: PositiveInt = Field(
+ description="expiry time in minutes for email code login token",
+ default=5,
 )
 ALLOW_REGISTER: bool = Field(
 description="whether to enable register",
diff --git a/api/libs/helper.py b/api/libs/helper.py
index 81ac79bb04..e674d7e84b 100644
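Review bot: In api/configs/feature/__init__.py both renamed fields (`RESET_PASSWORD_TOKEN_EXPIRY_MINUTES` in SecurityConfig and `EMAIL_CODE_LOGIN_TOKEN_EXPIRY_MINUTES` in LoginConfig) drop the old `*_EXPIRY_HOURS` names with no fallback or deprecation notice, so a deployment that still exports the old variables would presumably have its chosen token lifetime ignored and run on the new default of 5 minutes. Nothing in the visible hunks warns about that, and how unrecognised environment variables are treated is decided outside this diff. I would at least state the migration in the field description, e.g. `description="Duration in minutes for which a password reset token remains valid (replaces RESET_PASSWORD_TOKEN_EXPIRY_HOURS)"`, and do the same for the email-code field. Both class bodies start and end outside the hunks.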
--- a/api/libs/helper.py
+++ b/api/libs/helper.py
@@ -214,13 +214,13 @@ class TokenManager:
 if additional_data:
 token_data.update(additional_data)
- expiry_hours = current_app.config[f"{token_type.upper()}_TOKEN_EXPIRY_HOURS"]
+ expiry_minutes = current_app.config[f"{token_type.upper()}_TOKEN_EXPIRY_MINUTES"]
 token_key = cls._get_token_key(token, token_type)
- expiry_time = int(expiry_hours * 60 * 60)
+ expiry_time = int(expiry_minutes * 60)
 redis_client.setex(token_key, expiry_time, json.dumps(token_data))
 if account_id:
- cls._set_current_token_for_account(account.id, token, token_type, expiry_hours)
+ cls._set_current_token_for_account(account.id, token, token_type, expiry_minutes)
 return token
diff --git a/docker/.env.example b/docker/.env.example
index 4caa4f2fb2..f022a451cf 100644
--- a/docker/.env.example
+++ b/docker/.env.example
@@ -605,8 +605,8 @@ INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH=1000
 # Default: 72.
 INVITE_EXPIRY_HOURS=72
-# Reset password token valid time (hours),
-RESET_PASSWORD_TOKEN_EXPIRY_HOURS=0.0833
+# Reset password token valid time (minutes),
+RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
 # The sandbox service endpoint.
 CODE_EXECUTION_ENDPOINT=http://sandbox:8194
diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml
index a3ea7c6059..9d7b3c9b40 100644
--- a/docker/docker-compose.yaml
+++ b/docker/docker-compose.yaml
@@ -207,7 +207,7 @@ x-shared-env: &shared-api-worker-env
 RESEND_API_URL: https://api.resend.com
 INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH: ${INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH:-1000}
 INVITE_EXPIRY_HOURS: ${INVITE_EXPIRY_HOURS:-72}
- RESET_PASSWORD_TOKEN_EXPIRY_HOURS: ${RESET_PASSWORD_TOKEN_EXPIRY_HOURS:-24}
+ RESET_PASSWORD_TOKEN_EXPIRY_MINUTES: ${RESET_PASSWORD_TOKEN_EXPIRY_MINUTES:-5}
 CODE_EXECUTION_ENDPOINT: ${CODE_EXECUTION_ENDPOINT:-http://sandbox:8194}
 CODE_EXECUTION_API_KEY: ${SANDBOX_API_KEY:-dify-sandbox}
 CODE_MAX_NUMBER: ${CODE_MAX_NUMBER:-9223372036854775807}
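Review bot: In api/libs/helper.py the call `cls._set_current_token_for_account(account.id, token, token_type, expiry_minutes)` now passes minutes in the argument that previously carried hours, while the diffstat lists only these six changed lines for the file, so the callee itself is not touched by this commit. If `_set_current_token_for_account` still converts its last argument from hours to seconds (its body is outside the hunk, so this needs confirming), the per-account token pointer would be stored with a TTL 60 times longer than the token written by `redis_client.setex(token_key, expiry_time, ...)`. The callee should take the same unit, e.g. rename its parameter to `expiry_minutes` and compute `int(expiry_minutes * 60)`. Separately, the guard tests `account_id` but the call dereferences `account.id`; that is unchanged context, but worth a comment on which of the two is guaranteed to be set. The enclosing method starts above the hunk.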