mirror of https://git.sr.ht/~tsileo/microblog.pub
Compare commits
3 Commits
4e1bb330aa
...
3c07494809
Author | SHA1 | Date |
---|---|---|
Thomas Sileo | 3c07494809 | |
Thomas Sileo | 2433fa01cd | |
Thomas Sileo | 3169890a39 |
|
@ -124,6 +124,7 @@ class Config(pydantic.BaseModel):
|
||||||
key_path: str | None = None
|
key_path: str | None = None
|
||||||
|
|
||||||
session_timeout: int = 3600 * 24 * 3 # in seconds, 3 days by default
|
session_timeout: int = 3600 * 24 * 3 # in seconds, 3 days by default
|
||||||
|
csrf_token_exp: int = 3600
|
||||||
|
|
||||||
disabled_notifications: list[str] = []
|
disabled_notifications: list[str] = []
|
||||||
|
|
||||||
|
@ -263,7 +264,7 @@ def verify_csrf_token(
|
||||||
if redirect_url:
|
if redirect_url:
|
||||||
please_try_again = f'<a href="{redirect_url}">please try again</a>'
|
please_try_again = f'<a href="{redirect_url}">please try again</a>'
|
||||||
try:
|
try:
|
||||||
csrf_serializer.loads(csrf_token, max_age=1800)
|
csrf_serializer.loads(csrf_token, max_age=CONFIG.csrf_token_exp)
|
||||||
except (itsdangerous.BadData, itsdangerous.SignatureExpired):
|
except (itsdangerous.BadData, itsdangerous.SignatureExpired):
|
||||||
logger.exception("Failed to verify CSRF token")
|
logger.exception("Failed to verify CSRF token")
|
||||||
raise HTTPException(
|
raise HTTPException(
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import enum
|
import enum
|
||||||
|
from datetime import datetime
|
||||||
from typing import Any
|
from typing import Any
|
||||||
from typing import Optional
|
from typing import Optional
|
||||||
from typing import Union
|
from typing import Union
|
||||||
|
@ -436,7 +437,7 @@ class OutboxObjectAttachment(Base):
|
||||||
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
outbox_object_id = Column(Integer, ForeignKey("outbox.id"), nullable=False)
|
||||||
|
|
||||||
upload_id = Column(Integer, ForeignKey("upload.id"), nullable=False)
|
upload_id = Column(Integer, ForeignKey("upload.id"), nullable=False)
|
||||||
upload = relationship(Upload, uselist=False)
|
upload: Mapped["Upload"] = relationship(Upload, uselist=False)
|
||||||
|
|
||||||
|
|
||||||
class IndieAuthAuthorizationRequest(Base):
|
class IndieAuthAuthorizationRequest(Base):
|
||||||
|
@ -459,7 +460,9 @@ class IndieAuthAccessToken(Base):
|
||||||
__tablename__ = "indieauth_access_token"
|
__tablename__ = "indieauth_access_token"
|
||||||
|
|
||||||
id = Column(Integer, primary_key=True, index=True)
|
id = Column(Integer, primary_key=True, index=True)
|
||||||
created_at = Column(DateTime(timezone=True), nullable=False, default=now)
|
created_at: Mapped[datetime] = Column(
|
||||||
|
DateTime(timezone=True), nullable=False, default=now
|
||||||
|
)
|
||||||
|
|
||||||
# Will be null for personal access tokens
|
# Will be null for personal access tokens
|
||||||
indieauth_authorization_request_id = Column(
|
indieauth_authorization_request_id = Column(
|
||||||
|
@ -470,9 +473,9 @@ class IndieAuthAccessToken(Base):
|
||||||
uselist=False,
|
uselist=False,
|
||||||
)
|
)
|
||||||
|
|
||||||
access_token = Column(String, nullable=False, unique=True, index=True)
|
access_token: Mapped[str] = Column(String, nullable=False, unique=True, index=True)
|
||||||
refresh_token = Column(String, nullable=True, unique=True, index=True)
|
refresh_token = Column(String, nullable=True, unique=True, index=True)
|
||||||
expires_in = Column(Integer, nullable=False)
|
expires_in: Mapped[int] = Column(Integer, nullable=False)
|
||||||
scope = Column(String, nullable=False)
|
scope = Column(String, nullable=False)
|
||||||
is_revoked = Column(Boolean, nullable=False, default=False)
|
is_revoked = Column(Boolean, nullable=False, default=False)
|
||||||
was_refreshed = Column(Boolean, nullable=False, default=False, server_default="0")
|
was_refreshed = Column(Boolean, nullable=False, default=False, server_default="0")
|
||||||
|
|
|
@ -60,7 +60,7 @@ async def save_upload(db_session: AsyncSession, f: UploadFile) -> models.Upload:
|
||||||
destination_image.putdata(original_image.getdata())
|
destination_image.putdata(original_image.getdata())
|
||||||
destination_image.save(
|
destination_image.save(
|
||||||
dest_filename,
|
dest_filename,
|
||||||
format=_original_image.format,
|
format=_original_image.format, # type: ignore
|
||||||
)
|
)
|
||||||
|
|
||||||
with open(dest_filename, "rb") as dest_f:
|
with open(dest_filename, "rb") as dest_f:
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue