From: Jeremy Benoist <jeremy.benoist@gmail.com>
Date: Wed, 8 Apr 2020 07:18:17 +0000 (+0200)
Subject: Add ability to define lifetime token for the API
X-Git-Url: https://git.immae.eu/?p=github%2Fwallabag%2Fwallabag.git;a=commitdiff_plain;h=d20a8c5fb487fbdd0723bfbd09087513062c0b3f

Add ability to define lifetime token for the API

It'll allow admin of a wallabag instance to define its own lifetime for the refresh token and the access token.
The default value are the recommended one from the wallabag team.
---

diff --git a/app/config/config.yml b/app/config/config.yml
index 0b325afe..4eea0531 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -195,7 +195,8 @@ fos_oauth_server:
     service:
         user_provider: fos_user.user_provider.username_email
         options:
-            refresh_token_lifetime: 1209600
+            refresh_token_lifetime: "%fos_oauth_server_refresh_token_lifetime%"
+            access_token_lifetime: "%fos_oauth_server_access_token_lifetime%"
 
 scheb_two_factor:
     trusted_device:
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 9948fa46..92047121 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -46,6 +46,11 @@ parameters:
     fosuser_registration: true
     fosuser_confirmation: true
 
+    # how long the access token should live in seconds for the API
+    fos_oauth_server_access_token_lifetime: 3600
+    # how long the refresh token should life in seconds for the API
+    fos_oauth_server_refresh_token_lifetime: 1209600
+
     from_email: no-reply@wallabag.org
 
     rss_limit: 50