diff options
author | Frederick Muriuki Muriithi | 2024-07-19 09:35:51 -0500 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-07-31 09:30:22 -0500 |
commit | 6510dd5175b84c9780dda2fe0d8869efaeb2404b (patch) | |
tree | 7f17e90fa9ff4bb9b4ad3a7146f0489119132b93 | |
parent | bb66f79d675ad046acdc4e6853416bf7e948d6dc (diff) | |
download | gn-auth-6510dd5175b84c9780dda2fe0d8869efaeb2404b.tar.gz |
Enable external configuration of session expiry period
Enable passing in the number of minutes that a session can be valid
for. This enables the length of time that the session can last to be
configurable rather than hard-coded.
-rw-r--r-- | gn_auth/auth/authorisation/users/admin/views.py | 6 | ||||
-rw-r--r-- | gn_auth/session.py | 4 | ||||
-rw-r--r-- | gn_auth/settings.py | 3 |
3 files changed, 9 insertions, 4 deletions
diff --git a/gn_auth/auth/authorisation/users/admin/views.py b/gn_auth/auth/authorisation/users/admin/views.py index 8ca1e51..0ab69e9 100644 --- a/gn_auth/auth/authorisation/users/admin/views.py +++ b/gn_auth/auth/authorisation/users/admin/views.py @@ -62,7 +62,8 @@ _FORM_GRANT_TYPES_ = ({ @admin.before_request def update_expires(): """Update session expiration.""" - if session.session_info() and not session.update_expiry(): + if (session.session_info() and not session.update_expiry( + int(app.config.get("SESSION_EXPIRY_MINUTES", 10)))): flash("Session has expired. Logging out...", "alert-warning") session.clear_session_info() return redirect(url_for("oauth2.admin.login")) @@ -96,7 +97,8 @@ def login(): session.update_session_info( user=asdict(user), expires=( - datetime.now(tz=timezone.utc) + timedelta(minutes=10))) + datetime.now(tz=timezone.utc) + timedelta(minutes=int( + app.config.get("SESSION_EXPIRY_MINUTES", 10))))) return redirect(url_for(next_uri)) raise NotFoundError(error_message) except NotFoundError as _nfe: diff --git a/gn_auth/session.py b/gn_auth/session.py index 7226ac5..39f6959 100644 --- a/gn_auth/session.py +++ b/gn_auth/session.py @@ -47,11 +47,11 @@ def session_expired() -> bool: return now >= session[__SESSION_KEY__]["expires"] return True -def update_expiry() -> bool: +def update_expiry(minutes: int = 10) -> bool: """Update the session expiry and return a boolean indicating success.""" if not session_expired(): now = datetime.now(tz=timezone.utc) - session[__SESSION_KEY__]["expires"] = now + timedelta(minutes=10) + session[__SESSION_KEY__]["expires"] = now + timedelta(minutes=minutes) return True return False diff --git a/gn_auth/settings.py b/gn_auth/settings.py index 2cac390..e9bfe23 100644 --- a/gn_auth/settings.py +++ b/gn_auth/settings.py @@ -8,6 +8,9 @@ LOGLEVEL = "WARNING" SECRET_KEY = "" GN_AUTH_SECRETS = None # Set this to path to secrets file +# Session settings +SESSION_EXPIRY_MINUTES = 10 + # Database settings SQL_URI = "mysql://webqtlout:webqtlout@localhost/db_webqtl" AUTH_DB = f"{os.environ.get('HOME')}/genenetwork/gn3_files/db/auth.db" |