feat(auth): make access-token TTL configurable, default 4h

Replace the hardcoded 1440-minute (24h) JWT lifetime with
DECNET_JWT_EXP_MINUTES (validated positive int, default 240 = 4h).
Shrinks the passive window of a stolen token; active revocation is
unchanged (immediate->=<10s).
2026-05-30 23:05:05 -04:00
parent 9fc489258b
commit ae16c4437b
4 changed files with 82 additions and 2 deletions


@@ -5,11 +5,11 @@ from typing import Optional, Any
import jwt
import bcrypt
from decnet.env import DECNET_JWT_SECRET
from decnet.env import DECNET_JWT_SECRET, DECNET_JWT_EXP_MINUTES
SECRET_KEY: str = DECNET_JWT_SECRET
ALGORITHM: str = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES: int = 1440
ACCESS_TOKEN_EXPIRE_MINUTES: int = DECNET_JWT_EXP_MINUTES
def verify_password(plain_password: str, hashed_password: str) -> bool:
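Review bot: The new `ACCESS_TOKEN_EXPIRE_MINUTES: int = DECNET_JWT_EXP_MINUTES` binding carries no comment giving its unit, its default, or the fact that it is read once at import, and nothing in this hunk shows an upper bound on the value. I would add above it `# Access-token lifetime in minutes, from DECNET_JWT_EXP_MINUTES (default 240); read at import, so a change needs a restart.` The validation lives in `decnet.env`, outside this hunk; if it only enforces a positive int, a ceiling (for example rejecting values above the previous 1440) would keep a misconfiguration from silently widening the stolen-token window again. Tokens minted before deployment presumably keep their original 24h `exp`, so the shorter window covers only newly issued tokens unless the signing secret is rotated or the revocation path is used; that is worth stating in the release notes.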