Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support configuration of refresh token expiration by environment variable #12335

Merged
merged 1 commit into from
Jan 4, 2025
Merged

feat: support configuration of refresh token expiration by environment variable #12335

merged 1 commit into from
Jan 4, 2025

Conversation

euxx
Copy link
Contributor

@euxx euxx commented Jan 3, 2025
edited
Loading

Summary

Resolves #12346

From #9233, the refresh token expiration is currently fixed at 30 days.

For security considerations, the refresh token expiration in our use case needs to be set to 1 day.

With this PR, we can customize the refresh token expiration through environment variable, and bringing more flexibility.

The implementation follows the same pattern as ACCESS_TOKEN_EXPIRE_MINUTES and has been verified locally.

Checklist

  • This change requires a documentation update, included: Dify Document
  • I understand that this PR may be closed in case there was no previous discussion or issues. (This doesn't apply to typos!)
  • I've added a test for each change that was introduced, and I tried as much as possible to make a single atomic change.
  • I've updated the documentation accordingly.
  • I ran dev/reformat(backend) and cd web && npx lint-staged(frontend) to appease the lint gods

@dosubot dosubot bot added size:S This PR changes 10-29 lines, ignoring generated files. 💪 enhancement New feature or request 📚 documentation Improvements or additions to documentation labels Jan 3, 2025
@crazywoola
Copy link
Member

Thanks for the PR.

  • You need to link an issue or create one.
  • Do not modify docker-compose.yml directly, see below.

    dify/docker/docker-compose.yaml

    Lines 1 to 5 in 1885d3d

    # ==================================================================
    # WARNING: This file is auto-generated by generate_docker_compose
    # Do not modify this file directly. Instead, update the .env.example
    # or docker-compose-template.yaml and regenerate this file.
    # ==================================================================

@euxx
Copy link
Contributor Author

euxx commented Jan 3, 2025

Thanks for the PR.

  • You need to link an issue or create one.
  • Do not modify docker-compose.yml directly, see below.

    dify/docker/docker-compose.yaml

    Lines 1 to 5 in 1885d3d

    # ==================================================================
    # WARNING: This file is auto-generated by generate_docker_compose
    # Do not modify this file directly. Instead, update the .env.example
    # or docker-compose-template.yaml and regenerate this file.
    # ==================================================================

Hi, thanks for the review.

I have added and linked the issue (#12346).

And the changes to docker-compose.yml has already been generated by running:

$ cd docker
$ python3 generate_docker_compose
image

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Jan 4, 2025
@crazywoola crazywoola merged commit 1fa6640 into langgenius:main Jan 4, 2025
7 checks passed
Scorpion1221 added a commit to yybht155/dify that referenced this pull request Jan 11, 2025
@Scorpion1221
Merge commit 'c236f05f4b575884b42fc45819ad71b05a22115c'
9a4ecc0 
* commit 'c236f05f4b575884b42fc45819ad71b05a22115c': (135 commits)
  chore: bump version to 0.15.0 (langgenius#12297)
  refactor: enhance API token validation with session locking and last used timestamp update (langgenius#12426)
  Fix newline characters in tables during document parsing (langgenius#12112)
  fix:deepseek tool call not working correctly (langgenius#12437)
  add fish-speech-1.5 from siliconflow (langgenius#12425)
  chore(docker/.env.example): Add TOP_K_MAX_VALUE to the `.env.example`… (langgenius#12422)
  refactor: use tiktoken for token calculation (langgenius#12416)
  fix: [PromptEditorHeightResizeWrap] Bug  langgenius#12410  (langgenius#12406)
  Fixes langgenius#12414: Add cheaper model and long context model for Qwen2.5-72B-Instruct from siliconflow (langgenius#12415)
  Support TTS and Speech2Text for Model Provider GPUStack (langgenius#12381)
  mark deprecated models in siliconflow langgenius#12399 (langgenius#12405)
  fix: http method can be upper case and lower case close langgenius#11877 (langgenius#12401)
  fix: enhance chunk list management with new invalidation keys and imp… (langgenius#12396)
  [Fix] revert sagemaker llm to support model hub (langgenius#12378)
  sandbox doesn't provide auto disable log (langgenius#12388)
  feat: support config top max value by env (langgenius#12375)
  chore: chat app textarea auto focus (langgenius#12366)
  feat: support configuration of refresh token expiration by environment variable (langgenius#12335)
  fix: resolve issue with the opening statement generated by the `AutomaticRes` component failing to sync between states. (langgenius#12349)
  Fix the issue where `TextGeneration` component does not correctly clear input data. (langgenius#12351)
  ...

# Conflicts:
#	api/core/helper/code_executor/code_executor.py
#	api/poetry.lock
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crazywoola crazywoola crazywoola approved these changes

Assignees
No one assigned
Labels
📚 documentation Improvements or additions to documentation 💪 enhancement New feature or request lgtm This PR has been approved by a maintainer size:S This PR changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support configuration of refresh token expiration by environment variable
2 participants
@euxx @crazywoola