make sessions expire

easybe · Mar 9, 2021 · b9becd8 · b9becd8
1 parent a1d3256
commit b9becd8
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py
@@ -1,5 +1,6 @@
 import os
 
+from datetime import timedelta
 from socrate import system
 
 DEFAULT_CONFIG = {
@@ -53,6 +54,7 @@
     'RECAPTCHA_PRIVATE_KEY': '',
     # Advanced settings
     'LOG_LEVEL': 'WARNING',
+    'SESSION_LIFETIME': 24,
     'SESSION_COOKIE_SECURE': True,
     'CREDENTIAL_ROUNDS': 12,
     # Host settings
@@ -136,6 +138,7 @@ def init_app(self, app):
         self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'
         self.config['SESSION_COOKIE_HTTPONLY'] = True
         self.config['SESSION_KEY_BITS'] = 128
+        self.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=int(self.config['SESSION_LIFETIME']))
         # update the app config itself
         app.config = self
 

diff --git a/docs/configuration.rst b/docs/configuration.rst
@@ -142,6 +142,8 @@ The ``CREDENTIAL_ROUNDS`` (default: 12) setting is the number of rounds used by
 
 The ``SESSION_COOKIE_SECURE`` (default: True) setting controls the secure flag on the cookies of the administrative interface. It should only be turned off if you intend to access it over plain HTTP.
 
+``SESSION_LIFETIME`` (default: 24) is the length in hours a session is valid for on the administrative interface.
+
 The ``LOG_LEVEL`` setting is used by the python start-up scripts as a logging threshold.
 Log messages equal or higher than this priority will be printed.
 Can be one of: CRITICAL, ERROR, WARNING, INFO, DEBUG or NOTSET.