diff options
| author | Erik Johnston <erikj@jki.re> | 2016-07-14 15:51:52 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-07-14 15:51:52 +0100 |
| commit | 209e04fa1192c3134f35f034d1ce02c6ad2fe658 (patch) | |
| tree | d25564446dd0027da91269a427bab598ccf56024 /synapse/handlers/auth.py | |
| parent | Merge pull request #915 from matrix-org/dbkr/more_requesttokens (diff) | |
| parent | Bug fix: expire invalid access tokens (diff) | |
| download | synapse-209e04fa1192c3134f35f034d1ce02c6ad2fe658.tar.xz | |
Merge pull request #918 from negzi/bugfix_for_token_expiry
Bug fix: expire invalid access tokens
Diffstat (limited to 'synapse/handlers/auth.py')
| -rw-r--r-- | synapse/handlers/auth.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index e259213a36..5a0ed9d6b9 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -637,12 +637,13 @@ class AuthHandler(BaseHandler): yield self.store.add_refresh_token_to_user(user_id, refresh_token) defer.returnValue(refresh_token) - def generate_access_token(self, user_id, extra_caveats=None): + def generate_access_token(self, user_id, extra_caveats=None, + duration_in_ms=(60 * 60 * 1000)): extra_caveats = extra_caveats or [] macaroon = self._generate_base_macaroon(user_id) macaroon.add_first_party_caveat("type = access") now = self.hs.get_clock().time_msec() - expiry = now + (60 * 60 * 1000) + expiry = now + duration_in_ms macaroon.add_first_party_caveat("time < %d" % (expiry,)) for caveat in extra_caveats: macaroon.add_first_party_caveat(caveat) |