Longer expiry for OAuth Grant Codes (5 min)

These codes should not be long lived but 5 minutes seems like a reasonable upper bound. Most cases should be well under 15 seconds.
okpy · Sep 5, 2018 · 7e8928e · 7e8928e
1 parent 2d94cc1
commit 7e8928e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/server/controllers/oauth.py b/server/controllers/oauth.py
@@ -34,7 +34,7 @@ def load_grant(client_id, code):
 
 @oauth_provider.grantsetter
 def save_grant(client_id, code, request, *args, **kwargs):
-    expires = dt.datetime.utcnow() + dt.timedelta(seconds=100)
+    expires = dt.datetime.utcnow() + dt.timedelta(seconds=300)
     grant = Grant(
         client_id=client_id,
         code=code['code'],