From a947e434f00920ca2c5491b75ab11e6fbbb86a1c Mon Sep 17 00:00:00 2001 From: Nils Mittler Date: Mon, 20 Feb 2023 17:02:14 +0100 Subject: [PATCH] Apply rewording --- .env.template | 4 ++-- src/api/admin.rs | 2 +- src/auth.rs | 2 +- src/config.rs | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.env.template b/.env.template index 0f8f3c31..3c7e7d1e 100644 --- a/.env.template +++ b/.env.template @@ -335,8 +335,8 @@ ## Allow a burst of requests of up to this size, while maintaining the average indicated by `ADMIN_RATELIMIT_SECONDS`. # ADMIN_RATELIMIT_MAX_BURST=3 -## Set the lifetime of the cookie that is used to authorize admin requests to this value (in minutes). -# ADMIN_COOKIE_LIFETIME=20 +## Set the lifetime of admin sessions to this value (in minutes). +# ADMIN_SESSION_LIFETIME=20 ## Yubico (Yubikey) Settings ## Set your Client ID and Secret Key for Yubikey OTP diff --git a/src/api/admin.rs b/src/api/admin.rs index 66f26bcc..8bfc1f21 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -183,7 +183,7 @@ fn post_admin_login(data: Form, cookies: &CookieJar<'_>, ip: ClientIp let cookie = Cookie::build(COOKIE_NAME, jwt) .path(admin_path()) - .max_age(rocket::time::Duration::minutes(CONFIG.admin_cookie_lifetime())) + .max_age(rocket::time::Duration::minutes(CONFIG.admin_session_lifetime())) .same_site(SameSite::Strict) .http_only(true) .finish(); diff --git a/src/auth.rs b/src/auth.rs index 6f265e9f..380c6a73 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -241,7 +241,7 @@ pub fn generate_admin_claims() -> BasicJwtClaims { let time_now = Utc::now().naive_utc(); BasicJwtClaims { nbf: time_now.timestamp(), - exp: (time_now + Duration::minutes(CONFIG.admin_cookie_lifetime())).timestamp(), + exp: (time_now + Duration::minutes(CONFIG.admin_session_lifetime())).timestamp(), iss: JWT_ADMIN_ISSUER.to_string(), sub: "admin_panel".to_string(), } diff --git a/src/config.rs b/src/config.rs index eed2a9cf..f3736a1f 100644 --- a/src/config.rs +++ b/src/config.rs @@ -581,8 +581,8 @@ make_config! { /// Max burst size for admin login requests |> Allow a burst of requests of up to this size, while maintaining the average indicated by `admin_ratelimit_seconds` admin_ratelimit_max_burst: u32, false, def, 3; - /// Admin cookie lifetime |> Set the lifetime of the cookie that is used to authorize admin requests to this value (in minutes). - admin_cookie_lifetime: i64, true, def, 20; + /// Admin session lifetime |> Set the lifetime of admin sessions to this value (in minutes). + admin_session_lifetime: i64, true, def, 20; /// Enable groups (BETA!) (Know the risks!) |> Enables groups support for organizations (Currently contains known issues!). org_groups_enabled: bool, false, def, false;