mirror of https://git.sr.ht/~tsileo/microblog.pub
Compare commits
No commits in common. "3c074948094c7e2ab897d4e4e2e17c513ce63613" and "4e1bb330aa312ae98cd8ef4ad73ca89510278ce3" have entirely different histories.
3c07494809
...
4e1bb330aa
|
@ -124,7 +124,6 @@ class Config(pydantic.BaseModel):
|
|||
key_path: str | None = None
|
||||
|
||||
session_timeout: int = 3600 * 24 * 3 # in seconds, 3 days by default
|
||||
csrf_token_exp: int = 3600
|
||||
|
||||
disabled_notifications: list[str] = []
|
||||
|
||||
|
@ -264,7 +263,7 @@ def verify_csrf_token(
|
|||
if redirect_url:
|
||||
please_try_again = f'<a href="{redirect_url}">please try again</a>'
|
||||
try:
|
||||
csrf_serializer.loads(csrf_token, max_age=CONFIG.csrf_token_exp)
|
||||
csrf_serializer.loads(csrf_token, max_age=1800)
|
||||
except (itsdangerous.BadData, itsdangerous.SignatureExpired):
|
||||
logger.exception("Failed to verify CSRF token")
|
||||
raise HTTPException(
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
import enum
|
||||
from datetime import datetime
|
||||
from typing import Any
|
||||
from typing import Optional
|
||||
from typing import Union
|
||||
|
@ -437,7 +436,7 @@ class OutboxObjectAttachment(Base):
|
|||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||
|
||||
upload_id = Column(Integer, ForeignKey("upload.id"), nullable=False)
|
||||
upload: Mapped["Upload"] = relationship(Upload, uselist=False)
|
||||
upload = relationship(Upload, uselist=False)
|
||||
|
||||
|
||||
class IndieAuthAuthorizationRequest(Base):
|
||||
|
@ -460,9 +459,7 @@ class IndieAuthAccessToken(Base):
|
|||
__tablename__ = "indieauth_access_token"
|
||||
|
||||
id = Column(Integer, primary_key=True, index=True)
|
||||
created_at: Mapped[datetime] = Column(
|
||||
DateTime(timezone=True), nullable=False, default=now
|
||||
)
|
||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
||||
|
||||
# Will be null for personal access tokens
|
||||
indieauth_authorization_request_id = Column(
|
||||
|
@ -473,9 +470,9 @@ class IndieAuthAccessToken(Base):
|
|||
uselist=False,
|
||||
)
|
||||
|
||||
access_token: Mapped[str] = Column(String, nullable=False, unique=True, index=True)
|
||||
access_token = Column(String, nullable=False, unique=True, index=True)
|
||||
refresh_token = Column(String, nullable=True, unique=True, index=True)
|
||||
expires_in: Mapped[int] = Column(Integer, nullable=False)
|
||||
expires_in = Column(Integer, nullable=False)
|
||||
scope = Column(String, nullable=False)
|
||||
is_revoked = Column(Boolean, nullable=False, default=False)
|
||||
was_refreshed = Column(Boolean, nullable=False, default=False, server_default="0")
|
||||
|
|
|
@ -60,7 +60,7 @@ async def save_upload(db_session: AsyncSession, f: UploadFile) -> models.Upload:
|
|||
destination_image.putdata(original_image.getdata())
|
||||
destination_image.save(
|
||||
dest_filename,
|
||||
format=_original_image.format, # type: ignore
|
||||
format=_original_image.format,
|
||||
)
|
||||
|
||||
with open(dest_filename, "rb") as dest_f:
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue