Merge pull request #437 from maykinmedia/fix/422-oidc-settings
[#422] Make the Django session length and the OIDC session check configurable
SilviaAmAm authored Oct 18, 2024
2 parents 56e4d84 + 5a85878 commit d5f738f
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions backend/src/openarchiefbeheer/conf/base.py
Expand Up @@ -343,6 +343,7 @@
SESSION_COOKIE_SAMESITE = config("SESSION_COOKIE_SAMESITE", "Lax")
SESSION_COOKIE_SECURE = config("SESSION_COOKIE_SECURE", IS_HTTPS)
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_AGE = config("SESSION_COOKIE_AGE", 1209600) # 2 weeks in seconds

CSRF_COOKIE_SAMESITE = config("CSRF_COOKIE_SAMESITE", "Lax")
CSRF_COOKIE_SECURE = config("CSRF_COOKIE_SECURE", IS_HTTPS)
Expand Down Expand Up @@ -637,6 +638,10 @@
OIDC_REDIRECT_ALLOWED_HOSTS = config(
"OIDC_REDIRECT_ALLOWED_HOSTS", default="", split=True
)
# See issue #422 and https://mozilla-django-oidc.readthedocs.io/en/2.0.0/installation.html#validate-id-tokens-by-renewing-them
OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS = config(
"OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS", default=60 * 15
)

# Django privates
#
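Review bot: In the second hunk, `OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS` only has an effect when `mozilla_django_oidc.middleware.SessionRefresh` is listed in `MIDDLEWARE`, which is outside the visible hunks, so it is worth confirming that it is enabled; without it an OIDC session is never re-checked against the identity provider and lives for the full `SESSION_COOKIE_AGE`. Both new settings also accept any value from the environment, so a very large number silently turns the 15-minute re-validation or the 2-week session lifetime into effectively no limit. I would document the relationship next to the setting, e.g. `# Seconds after which SessionRefresh re-validates the ID token with the provider; keep well below SESSION_COOKIE_AGE.` The definition of `config()` is not shown here, so check that it casts an environment override to int for both settings; if it does not, the override would arrive as a string.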