From a6bdeb67b01ee171cb0bef2fad3f489c94c6170d Mon Sep 17 00:00:00 2001 From: kolaente Date: Wed, 25 Feb 2026 09:33:32 +0100 Subject: [PATCH] feat: add jwtttlshort config key for session tokens Adds ServiceJWTTTLShort (default 600s) to control the lifetime of short-lived JWTs issued during token refresh. The existing jwtttl and jwtttllong keys remain for session expiry and long sessions. --- config-raw.json | 5 +++++ pkg/config/config.go | 2 ++ 2 files changed, 7 insertions(+) diff --git a/config-raw.json b/config-raw.json index 8e1e7d686..c81a7ca89 100644 --- a/config-raw.json +++ b/config-raw.json @@ -18,6 +18,11 @@ "default_value": "2592000", "comment": "The duration of the \"remember me\" time in seconds. When the login request is made with\nthe long param set, the token returned will be valid for this period.\nThe default is 2592000 seconds (30 Days)." }, + { + "key": "jwtttlshort", + "default_value": "600", + "comment": "The duration of short-lived JWT tokens in seconds. These tokens are used together with\nrefresh tokens for session-based authentication.\nThe default is 600 seconds (10 minutes)." + }, { "key": "interface", "default_value": ":3456", diff --git a/pkg/config/config.go b/pkg/config/config.go index b8d56e9ad..edeff9564 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -44,6 +44,7 @@ const ( ServiceJWTSecret Key = `service.JWTSecret` ServiceJWTTTL Key = `service.jwtttl` ServiceJWTTTLLong Key = `service.jwtttllong` + ServiceJWTTTLShort Key = `service.jwtttlshort` ServiceInterface Key = `service.interface` ServiceUnixSocket Key = `service.unixsocket` ServiceUnixSocketMode Key = `service.unixsocketmode` @@ -336,6 +337,7 @@ func InitDefaultConfig() { ServiceJWTSecret.setDefault(random) ServiceJWTTTL.setDefault(259200) // 72 hours ServiceJWTTTLLong.setDefault(2592000) // 30 days + ServiceJWTTTLShort.setDefault(600) // 10 minutes ServiceInterface.setDefault(":3456") ServiceUnixSocket.setDefault("") ServicePublicURL.setDefault("")