Mercurial > p > roundup > code
annotate roundup/dist/command/install_lib.py @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | 42bf0a707763 |
| children |
| rev | line source |
|---|---|
| 4516 | 1 from roundup.dist.command.build import build_message_files, check_manifest |
|
6647
42bf0a707763
issue2551183 - Replace references to distutils in roundup/dist/command
John Rouillard <rouilj@ieee.org>
parents:
4516
diff
changeset
|
2 from setuptools.command.install_lib import install_lib as base |
| 4516 | 3 |
| 4 class install_lib(base): | |
| 5 | |
| 6 def run(self): | |
| 7 check_manifest() | |
| 8 build_message_files(self) | |
| 9 base.run(self) |