From 1ce562c58c26965ef573b81032e491bfbe874b17 Mon Sep 17 00:00:00 2001
From: Florent Daigniere
Date: Mon, 22 Feb 2021 21:15:25 +0100
Subject: [PATCH] make sessions expire
(cherry picked from commit b9becd86497fa685e80cca2ccbe20d54405e6d24)
# Conflicts:
# core/admin/mailu/configuration.py
---
 core/admin/mailu/configuration.py | 11 +++++++++++
 docs/configuration.rst | 2 ++
 2 files changed, 13 insertions(+)
diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py
index 800e97dc..e7af49bb 100644
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@@ -1,7 +1,11 @@
 import os
 from datetime import timedelta
+<<<<<<< HEAD
 import ipaddress
+=======
+from socrate import system
+>>>>>>> b9becd86 (make sessions expire)
 DEFAULT_CONFIG = {
 # Specific to the admin UI
@@ -72,6 +76,7 @@ DEFAULT_CONFIG = {
 'LOGO_URL': None,
 'LOGO_BACKGROUND': None,
 # Advanced settings
+<<<<<<< HEAD
 'AUTH_REQUIRE_TOKENS': False,
 'API': False,
 'WEB_API': '/api',
@@ -83,6 +88,11 @@ DEFAULT_CONFIG = {
 'SESSION_TIMEOUT': 3600,
 'PERMANENT_SESSION_LIFETIME': 30*24*3600,
 'SESSION_COOKIE_SECURE': None,
+=======
+ 'LOG_LEVEL': 'WARNING',
+ 'SESSION_LIFETIME': 24,
+ 'SESSION_COOKIE_SECURE': True,
+>>>>>>> b9becd86 (make sessions expire)
 'CREDENTIAL_ROUNDS': 12,
 'TLS_PERMISSIVE': True,
 'TZ': 'Etc/UTC',
@@ -171,6 +181,7 @@ class ConfigManager:
 pass
 =======
 self.config['SESSION_KEY_BITS'] = 128
+ self.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=int(self.config['SESSION_LIFETIME']))
 # update the app config itself
 app.config = self
 >>>>>>> d459c374 (make session IDs 128bits)
diff --git a/docs/configuration.rst b/docs/configuration.rst
index b4b687b1..5c9788c4 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
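Review bot: The added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> b9becd86 (make sessions expire)` in the import block (hunk at -1) are unresolved merge-conflict markers, so `configuration.py` no longer parses as Python and the admin application cannot load its configuration. The same markers are added in the `DEFAULT_CONFIG` hunks at -72 and -83, and the context lines of the hunk at -171 show markers from an earlier cherry-pick (d459c374) already present in the file. The conflict listed under `# Conflicts:` has to be resolved by hand before this backport is merged, and a CI step such as `python -m compileall core/admin/mailu` would reject this class of commit. When resolving the imports, keep `from socrate import system` only if the resolved file uses `system`; nothing in the visible hunks does.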
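Review bot: Resolving the conflict in the `DEFAULT_CONFIG` hunk at -83 must not keep both sides, because `'SESSION_COOKIE_SECURE'` would then appear twice in the dict literal (`None` on the HEAD side, `True` on the incoming side) and Python silently keeps the last one, so the effective cookie `Secure` flag would depend on line order rather than on a decision. The HEAD side already carries `'SESSION_TIMEOUT': 3600` and `'PERMANENT_SESSION_LIFETIME': 30*24*3600` in seconds, so adding `'SESSION_LIFETIME': 24` in hours introduces a second, differently scaled expiry setting. I would settle on one scheme and record it next to the keys with a comment such as `# session expiry is configured in seconds: SESSION_TIMEOUT / PERMANENT_SESSION_LIFETIME`. Whether `'LOG_LEVEL'` is already defined elsewhere in HEAD's `DEFAULT_CONFIG` is not visible here and should be checked for the same duplicate-key problem.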
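Review bot: The added assignment to `self.config['PERMANENT_SESSION_LIFETIME']` in the hunk at -171 unconditionally overwrites the value that HEAD defines in `DEFAULT_CONFIG` and that the documentation describes as an operator setting in seconds, so a configured lifetime is silently replaced by `SESSION_LIFETIME` hours. `int(self.config['SESSION_LIFETIME'])` also raises an unexplained `ValueError` at start-up on a non-numeric value and accepts zero or negative numbers, which presumably produces sessions that are already expired when issued. If the hours-based setting is kept, validate it first, e.g. `hours = int(self.config['SESSION_LIFETIME'])` followed by `if hours <= 0: raise ValueError('SESSION_LIFETIME must be a positive number of hours')`. The line sits between the `=======` and `>>>>>>> d459c374` context lines and the enclosing method starts and ends outside the hunk, so which side of that earlier conflict it lands on has to be decided when that conflict is resolved.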
@@ -235,6 +235,8 @@ intend to access it over plain HTTP. requests before a session is invalidated. ``PERMANENT_SESSION_LIFETIME`` (default: 108000) is the maximum amount of time in seconds a session can be kept alive for if it hasn't timed-out. +``SESSION_LIFETIME`` (default: 24) is the length in hours a session is valid for on the administrative interface. + The ``LOG_LEVEL`` setting is used by the python start-up scripts as a logging threshold. Log messages equal or higher than this priority will be printed. Can be one of: CRITICAL, ERROR, WARNING, INFO, DEBUG or NOTSET.