diff --git a/docker/.env.example b/docker/.env.example
index 7244bdff129..c84f838c125 100644
--- a/docker/.env.example
+++ b/docker/.env.example
@@ -5,6 +5,7 @@ GID='1000'
 # SIG_KEY='passphrase' # Please generate random string at least 32 chars long.
 # SIG_SALT='salt' # Please generate random string at least 32 chars long.
 # JWT_SECRET="my-random-string-for-seeding" # Only needed if AUTH_TOKEN is set. Please generate random string at least 12 chars long.
+# JWT_EXPIRY="30d" # (optional) https://docs.anythingllm.com/configuration#custom-ttl-for-sessions
 ###########################################
 ######## LLM API SElECTION ################
diff --git a/server/.env.example b/server/.env.example
index df0b200826a..0ccefd5b928 100644
--- a/server/.env.example
+++ b/server/.env.example
@@ -1,5 +1,6 @@
 SERVER_PORT=3001
 JWT_SECRET="my-random-string-for-seeding" # Please generate random string at least 12 chars long.
+# JWT_EXPIRY="30d" # (optional) https://docs.anythingllm.com/configuration#custom-ttl-for-sessions
 SIG_KEY='passphrase' # Please generate random string at least 32 chars long.
 SIG_SALT='salt' # Please generate random string at least 32 chars long.
diff --git a/server/endpoints/system.js b/server/endpoints/system.js
index 119796024d8..fcefd338cc8 100644
--- a/server/endpoints/system.js
+++ b/server/endpoints/system.js
@@ -202,18 +202,18 @@ function systemEndpoints(app) {
 existingUser?.id
 );
- // Check if the user has seen the recovery codes
+ // Generate a session token for the user then check if they have seen the recovery codes
+ // and if not, generate recovery codes and return them to the frontend.
+ const sessionToken = makeJWT(
+ { id: existingUser.id, username: existingUser.username },
+ process.env.JWT_EXPIRY
+ );
 if (!existingUser.seen_recovery_codes) {
 const plainTextCodes = await generateRecoveryCodes(existingUser.id);
-
- // Return recovery codes to frontend
 response.status(200).json({
 valid: true,
 user: User.filterFields(existingUser),
- token: makeJWT(
- { id: existingUser.id, username: existingUser.username },
- "30d"
- ),
+ token: sessionToken,
 message: null,
 recoveryCodes: plainTextCodes,
 });
@@ -223,10 +223,7 @@ function systemEndpoints(app) {
 response.status(200).json({
 valid: true,
 user: User.filterFields(existingUser),
- token: makeJWT(
- { id: existingUser.id, username: existingUser.username },
- "30d"
- ),
+ token: sessionToken,
 message: null,
 });
 return;
@@ -259,7 +256,7 @@ function systemEndpoints(app) {
 valid: true,
 token: makeJWT(
 { p: new EncryptionManager().encrypt(password) },
- "30d"
+ process.env.JWT_EXPIRY
 ),
 message: null,
 });
diff --git a/server/models/temporaryAuthToken.js b/server/models/temporaryAuthToken.js
index 7f0c6b9f47e..327c69bb594 100644
--- a/server/models/temporaryAuthToken.js
+++ b/server/models/temporaryAuthToken.js
@@ -86,7 +86,7 @@ const TemporaryAuthToken = {
 // Create a new session token for the user valid for 30 days
 const sessionToken = makeJWT(
 { id: token.user.id, username: token.user.username },
- "30d"
+ process.env.JWT_EXPIRY
 );
 return { sessionToken, token, error: null };
diff --git a/server/utils/helpers/updateENV.js b/server/utils/helpers/updateENV.js
index d92cd36df9b..175fa8ee3d4 100644
--- a/server/utils/helpers/updateENV.js
+++ b/server/utils/helpers/updateENV.js
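Review bot: `process.env.JWT_EXPIRY` is handed to makeJWT with no fallback in the new `const sessionToken = makeJWT(...)` block, so on a deployment that never sets the variable (both .env.example files mark it optional and ship it commented out) the previous hard-coded `"30d"` lifetime is gone; what makeJWT does with `undefined` is outside the hunk, but unless it applies its own default this either throws at login or issues session tokens without an `exp` claim, which would be a regression from the 30-day limit. The same expression appears for the password-mode token in the `@@ -259` hunk and in server/models/temporaryAuthToken.js. Preserving the old behaviour is a one-line change at each call site, `process.env.JWT_EXPIRY || "30d"` (`||` rather than `??` so an empty string in .env also falls back), or better a single default applied inside makeJWT so the three call sites cannot drift apart. Since the value is free-form operator input, validating it once where that default is applied would also stop a typo from silently producing a non-expiring token. systemEndpoints continues outside the hunk.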
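Review bot: The context comment `// Create a new session token for the user valid for 30 days` in the server/models/temporaryAuthToken.js hunk is now stale, because the lifetime on the next lines comes from `JWT_EXPIRY` rather than a fixed 30 days; suggest `// Create a new session token for the user (lifetime taken from JWT_EXPIRY)`. The enclosing function starts outside the hunk.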
@@ -1094,6 +1094,8 @@ function dumpENV() {
 ...Object.values(KEY_MAPPING).map((values) => values.envKey),
 // Manually Add Keys here which are not already defined in KEY_MAPPING
 // and are either managed or manually set ENV key:values.
+ "JWT_EXPIRY",
+ "STORAGE_DIR",
 "SERVER_PORT",
 // For persistent data encryption