Update token expiration settings

2024-03-08 15:05:13 -03:00 · 2024-03-08 15:05:13 -03:00 · 6b3ff2cd8c
commit 6b3ff2cd8c
parent b538d1bb39
2 changed files with 5 additions and 9 deletions
--- a/src/backend/langflow/api/v1/login.py
+++ b/src/backend/langflow/api/v1/login.py
@ -40,7 +40,7 @@ async def login_to_get_access_token(
            httponly=auth_settings.REFRESH_HTTPONLY,
            samesite=auth_settings.REFRESH_SAME_SITE,
            secure=auth_settings.REFRESH_SECURE,
-            expires=auth_settings.EXPIRES_REFRESH,
+            expires=auth_settings.REFRESH_TOKEN_EXPIRE_MINUTES*60,
        )
        response.set_cookie(
            "access_token_lf",
@ -48,7 +48,7 @@ async def login_to_get_access_token(
            httponly=auth_settings.ACCESS_HTTPONLY,
            samesite=auth_settings.ACCESS_SAME_SITE,
            secure=auth_settings.ACCESS_SECURE,
-            expires=auth_settings.EXPIRES_ACCESS,
+            expires=auth_settings.ACCESS_TOKEN_EXPIRE_MINUTES*60,
        )
        return tokens
    else:
@ -74,7 +74,7 @@ async def auto_login(
            httponly=auth_settings.ACCESS_HTTPONLY,
            samesite=auth_settings.ACCESS_SAME_SITE,
            secure=auth_settings.ACCESS_SECURE,
-            expires=auth_settings.EXPIRES_ACCESS,
+            expires=auth_settings.ACCESS_TOKEN_EXPIRE_MINUTES*60,
        )
        return tokens

@ -101,7 +101,7 @@ async def refresh_token(request: Request, response: Response, settings_service=D
            httponly=auth_settings.REFRESH_TOKEN_HTTPONLY,
            samesite=auth_settings.REFRESH_SAME_SITE,
            secure=auth_settings.REFRESH_SECURE,
-            expires=auth_settings.EXPIRES_REFRESH,
+            expires=auth_settings.REFRESH_TOKEN_EXPIRE_MINUTES*60,
        )
        response.set_cookie(
            "access_token_lf",
@ -109,7 +109,7 @@ async def refresh_token(request: Request, response: Response, settings_service=D
            httponly=auth_settings.ACCESS_HTTPONLY,
            samesite=auth_settings.ACCESS_SAME_SITE,
            secure=auth_settings.ACCESS_SECURE,
-            expires=auth_settings.EXPIRES_ACCESS,
+            expires=auth_settings.ACCESS_TOKEN_EXPIRE_MINUTES*60,
        )
        return tokens
    else:
--- a/src/backend/langflow/services/settings/auth.py
+++ b/src/backend/langflow/services/settings/auth.py
@ -38,10 +38,6 @@ class AuthSettings(BaseSettings):
    SUPERUSER: str = DEFAULT_SUPERUSER
    SUPERUSER_PASSWORD: str = DEFAULT_SUPERUSER_PASSWORD
    
-    EXPIRES_ACCESS:datetime = 60*60
-    """The expiration time of the access token cookie."""
-    EXPIRES_REFRESH:datetime = 60*60*12
-    """The expiration time of the refresh token cookie."""
    REFRESH_SAME_SITE: str = "none"
    """The SameSite attribute of the refresh token cookie."""
    REFRESH_SECURE: bool = True