Bug fix: expire invalid access tokens

author: Negar Fazeli <negar.fazeli@ericsson.com> 2016-07-08 16:53:18 +0200
committer: Negar Fazeli <negar.fazeli@ericsson.com> 2016-07-13 15:00:37 +0200
commit: 0136a522b18a734db69171d60566f501c0ced663 (patch)
tree: 0828758ba08b5eba36d0442a9785ebf9341b2033 /synapse/handlers/auth.py
parent: Merge pull request #914 from matrix-org/markjh/upgrade (diff)
download: synapse-0136a522b18a734db69171d60566f501c0ced663.tar.xz
1 files changed, 3 insertions, 2 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index e259213a36..5a0ed9d6b9 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -637,12 +637,13 @@ class AuthHandler(BaseHandler):
         yield self.store.add_refresh_token_to_user(user_id, refresh_token)
         defer.returnValue(refresh_token)
 
-    def generate_access_token(self, user_id, extra_caveats=None):
+    def generate_access_token(self, user_id, extra_caveats=None,
+                              duration_in_ms=(60 * 60 * 1000)):
         extra_caveats = extra_caveats or []
         macaroon = self._generate_base_macaroon(user_id)
         macaroon.add_first_party_caveat("type = access")
         now = self.hs.get_clock().time_msec()
-        expiry = now + (60 * 60 * 1000)
+        expiry = now + duration_in_ms
         macaroon.add_first_party_caveat("time < %d" % (expiry,))
         for caveat in extra_caveats:
             macaroon.add_first_party_caveat(caveat)
author	Negar Fazeli <negar.fazeli@ericsson.com>	2016-07-08 16:53:18 +0200
committer	Negar Fazeli <negar.fazeli@ericsson.com>	2016-07-13 15:00:37 +0200
commit	0136a522b18a734db69171d60566f501c0ced663 (patch)
tree	0828758ba08b5eba36d0442a9785ebf9341b2033 /synapse/handlers/auth.py
parent	Merge pull request #914 from matrix-org/markjh/upgrade (diff)
download	synapse-0136a522b18a734db69171d60566f501c0ced663.tar.xz