Mercurial > p > roundup > code
view website/issues/html/_generic.calendar.html @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | 7146b68ac263 |
| children | 28aa76443f58 |
line wrap: on
line source
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <link rel="stylesheet" type="text/css" href="@@file/style.css" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8;" /> <meta name="robots" content="noindex, nofollow" /> <title tal:content="string:Roundup Calendar"></title> <script language="Javascript" type="text/javascript" tal:attributes="nonce request/client/client_nonce" tal:content="structure string: // this is the name of the field in the original form that we're working on form = window.opener.document.${request/form/form/value}; field = '${request/form/property/value}';" > </script> </head> <body class="body" tal:content="structure python:utils.html_calendar(request)"> </body> </html>