Mercurial Repository: p/roundup/code: roundup/configuration.py comparison

comparison roundup/configuration.py @ 5878:1b57d8f3eb97

Add rudimentery experiment JSON Web Token (jwt) support issue2551061: Add rudimentary experimental support for JSON Web Tokens to allow delegation of limited access rights to third parties. See doc/rest.txt for details and intent.

author	John Rouillard <rouilj@ieee.org>
date	Fri, 27 Sep 2019 20:38:31 -0400
parents	936275dfe1fa
children	94c415c7cd36

comparison

equal deleted inserted replaced

-:08b241c9fea4
+:1b57d8f3eb97
 def __str__(self):
 return "NO DEFAULT"
 NODEFAULT = UnsetDefaultValue()
-def create_token():
+def create_token(size=32):
-return b2s(binascii.b2a_base64(random_.token_bytes(32)).strip())
+return b2s(binascii.b2a_base64(random_.token_bytes(size)).strip())
 ### Option classes
 class Option:
 "Changing this changes the etag and invalidates updates by\n"
 "clients. It must be persistent across application restarts.\n"
 "(Note the default value changes every time\n"
 "     roundup-admin updateconfig\n"
 "is run, so it must be explicitly set to a non-empty string.\n"),
+(MandatoryOption, "jwt_secret", "disabled",
+"This is used to generate/validate json web tokens (jwt).\n"
+"Even if you don't use jwts it must not be empty.\n"
+"If less than 256 bits (32 characters) in length it will\n"
+"disable use of jwt. Changing this invalidates all jwts\n"
+"issued by the roundup instance requiring *all* users to\n"
+"generate new jwts. This is experimental and disabled by default.\n"
+"It must be persistent across application restarts.\n"),
 )),
 ("rdbms", (
 (DatabaseBackend, 'backend', NODEFAULT,
 "Database backend."),
 (Option, 'name', 'roundup',

Mercurial > p > roundup > code

comparison roundup/configuration.py @ 5878:1b57d8f3eb97