Mercurial > p > roundup > code
view .hgignore @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | 18445cd132c8 |
| children | b99e76e76496 |
line wrap: on
line source
syntax: glob *.orig *.rej *~ \#*\# .\#* *.swp *.tmp *.pyd *.pyc *.pyo build demo dist MANIFEST roundup.egg-info _test_* *.cover share/doc/roundup/html doc/FAQ.html doc/admin_guide.html doc/announcement.html doc/customizing.html doc/design.html doc/developers.html doc/features.html doc/glossary.html doc/implementation.html doc/index.html doc/installation.html doc/mysql.html doc/overview.html doc/postgresql.html doc/security.html doc/tracker_templates.html doc/upgrading.html doc/user_guide.html doc/whatsnew-0.7.html doc/whatsnew-0.8.html doc/xmlrpc.html locale/*.mo locale/*.bak locale/*.poedit website/www/_tmp/ website/www/COPYING.txt website/www/docs website/www/html/ .pytest_cache