From 49ed92d37e016a90b2dcb7c1b2a8a86d03b1e756 Mon Sep 17 00:00:00 2001 From: Zayden Jung Date: Sun, 17 May 2026 18:41:15 +0800 Subject: [PATCH] jwt token and refresh token expire time is determined via env var --- app/auth/jwt.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/auth/jwt.py b/app/auth/jwt.py index 81bf14b..77862f3 100644 --- a/app/auth/jwt.py +++ b/app/auth/jwt.py @@ -6,6 +6,9 @@ from fastapi import HTTPException, status JWT_SECRET = os.getenv("JWT_SECRET") JWT_ALGORITHM = os.getenv("JWT_ALGORITHM", "HS256") +ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "60")) +REFRESH_TOKEN_EXPIRE_DAYS = int(os.getenv("REFRESH_TOKEN_EXPIRE_DAYS", "7")) + def now(): return datetime.now(timezone.utc) @@ -13,7 +16,7 @@ def create_access_token(data: dict): payload = { **data, "type": "access", - "exp": now() + timedelta(minutes=60), + "exp": now() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES), "iat": now(), } return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM) @@ -22,7 +25,7 @@ def create_refresh_token(data: dict): payload = { **data, "type": "refresh", - "exp": now() + timedelta(days=7), + "exp": now() + timedelta(days=REFRESH_TOKEN_EXPIRE_DAYS), "iat": now(), } return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)