aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/mfa/token.ex2
-rw-r--r--lib/pleroma/web/o_auth/authorization.ex4
-rw-r--r--lib/pleroma/web/o_auth/o_auth_view.ex4
-rw-r--r--lib/pleroma/web/o_auth/token.ex12
4 files changed, 12 insertions, 10 deletions
diff --git a/lib/pleroma/mfa/token.ex b/lib/pleroma/mfa/token.ex
index 82d3817cc..69b64c0e8 100644
--- a/lib/pleroma/mfa/token.ex
+++ b/lib/pleroma/mfa/token.ex
@@ -11,7 +11,7 @@ defmodule Pleroma.MFA.Token do
alias Pleroma.User
alias Pleroma.Web.OAuth.Authorization
- @expires 3600 * 24 * 30
+ @expires 300
@type t() :: %__MODULE__{}
diff --git a/lib/pleroma/web/o_auth/authorization.ex b/lib/pleroma/web/o_auth/authorization.ex
index 268ee5b63..e766dcada 100644
--- a/lib/pleroma/web/o_auth/authorization.ex
+++ b/lib/pleroma/web/o_auth/authorization.ex
@@ -9,6 +9,7 @@ defmodule Pleroma.Web.OAuth.Authorization do
alias Pleroma.User
alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Authorization
+ alias Pleroma.Web.OAuth.Token
import Ecto.Changeset
import Ecto.Query
@@ -53,7 +54,8 @@ defmodule Pleroma.Web.OAuth.Authorization do
end
defp add_lifetime(changeset) do
- put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10))
+ lifespan = Token.lifespan()
+ put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), lifespan))
end
@spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t()
diff --git a/lib/pleroma/web/o_auth/o_auth_view.ex b/lib/pleroma/web/o_auth/o_auth_view.ex
index f55247ebd..d22b2f7fe 100644
--- a/lib/pleroma/web/o_auth/o_auth_view.ex
+++ b/lib/pleroma/web/o_auth/o_auth_view.ex
@@ -13,7 +13,7 @@ defmodule Pleroma.Web.OAuth.OAuthView do
token_type: "Bearer",
access_token: token.token,
refresh_token: token.refresh_token,
- expires_in: expires_in(),
+ expires_in: NaiveDateTime.diff(token.valid_until, NaiveDateTime.utc_now()),
scope: Enum.join(token.scopes, " "),
created_at: Utils.format_created_at(token)
}
@@ -25,6 +25,4 @@ defmodule Pleroma.Web.OAuth.OAuthView do
response
end
end
-
- defp expires_in, do: Pleroma.Config.get([:oauth2, :token_expires_in], 600)
end
diff --git a/lib/pleroma/web/o_auth/token.ex b/lib/pleroma/web/o_auth/token.ex
index 9170a7ec7..886117d15 100644
--- a/lib/pleroma/web/o_auth/token.ex
+++ b/lib/pleroma/web/o_auth/token.ex
@@ -27,6 +27,10 @@ defmodule Pleroma.Web.OAuth.Token do
timestamps()
end
+ def lifespan do
+ Pleroma.Config.get!([:oauth2, :token_expires_in])
+ end
+
@doc "Gets token by unique access token"
@spec get_by_token(String.t()) :: {:ok, t()} | {:error, :not_found}
def get_by_token(token) do
@@ -83,11 +87,11 @@ defmodule Pleroma.Web.OAuth.Token do
end
defp put_valid_until(changeset, attrs) do
- expires_in =
- Map.get(attrs, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), expires_in()))
+ valid_until =
+ Map.get(attrs, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), lifespan()))
changeset
- |> change(%{valid_until: expires_in})
+ |> change(%{valid_until: valid_until})
|> validate_required([:valid_until])
end
@@ -138,6 +142,4 @@ defmodule Pleroma.Web.OAuth.Token do
end
def is_expired?(_), do: false
-
- defp expires_in, do: Pleroma.Config.get([:oauth2, :token_expires_in], 600)
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 23:03:55 +0000