1 files changed, 12 insertions, 6 deletions

diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index 7dc0105..d561fa9 100644
--- a/gn_auth/settings.py
+++ b/gn_auth/settings.py
@@ -8,6 +8,9 @@ LOGLEVEL = "WARNING"
 SECRET_KEY = ""
 GN_AUTH_SECRETS = None # Set this to path to secrets file
 
+# Session settings
+SESSION_EXPIRY_MINUTES = 10
+
 # Database settings
 SQL_URI = "mysql://webqtlout:webqtlout@localhost/db_webqtl"
 AUTH_DB = f"{os.environ.get('HOME')}/genenetwork/gn3_files/db/auth.db"
@@ -18,9 +21,11 @@ REDIS_URI = "redis://localhost:6379/0"
 REDIS_JOB_QUEUE = "GN_AUTH::job-queue"
 
 # OAuth2 settings
-OAUTH2_SCOPE = (
-    "profile", "group", "role", "resource", "user", "masquerade",
-    "introspect")
+OAUTH2_SCOPES_SUPPORTED = (
+    # Used by Authlib's `authlib.integrations.flask_oauth2.AuthorizationServer`
+    # class to setup the supported scopes.
+    "profile", "group", "role", "resource", "register-client", "user",
+    "masquerade", "introspect", "migrate-data")
 
 CORS_ORIGINS = "*"
 CORS_HEADERS = [
@@ -29,9 +34,9 @@ CORS_HEADERS = [
     "Access-Control-Allow-Credentials"
 ]
 
-# OpenSSL keys
-CLIENTS_SSL_PUBLIC_KEYS_DIR = "" # clients' public keys' directory
-SSL_PRIVATE_KEY = "" # authorisation server primary key
+# JSON Web Keys (JWKs)
+JWKS_ROTATION_AGE_DAYS = 7 # Days (from creation) to keep a JWK in use.
+JWKS_DELETION_AGE_DAYS = 14 # Days (from creation) to keep a JWK around before deleting it.
 
 ## Email
 SMTP_HOST = "smtp.genenetwork.org" # does not actually exist right now
@@ -39,3 +44,4 @@ SMTP_PORT = 587
 SMTP_TIMEOUT = 200 # seconds
 SMTP_USER = "no-reply@genenetwork.org"
 SMTP_PASSWORD = "asecrettoken"
+EMAIL_ADDRESS = "no-reply@uthsc.edu"