Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat!: add--default-token-lifetime#14631

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Conversation

ethanndickson
Copy link
Member

@ethanndicksonethanndickson commentedSep 10, 2024
edited
Loading

Closes#13990.

Adds a new deployment value that influences the lifetime of tokens created via:

  • /users/{user}/keys [post] - Used by/cli-auth
  • /users/{user}/keys/tokens [post] - Used byTokens page in web UI settings, andcoder tokens create.

The default value of this option is 7 days, to retain the existing TTL for/cli-auth tokens.

Of note is that the web UI andcoder tokens create supply default values when calling/tokens [post].

Therefore, the only breaking change in this PR is for tokens created by directly calling/users/{user}/keys/tokens [post] without a lifetime in the request body. The default TTL for these tokens is 7 days, down from 30. Users calling this endpoint directly should already be specifying a lifetime, so this is unlikely to break any existing workflows.

The tokens returned by/users/{user}/keys [post] are still refreshed with activity, unless--disable-session-expiry-refresh is set.

@ethanndicksonGraphite App
Copy link
MemberAuthor

This stack of pull requests is managed by Graphite.Learn more about stacking.

Join@ethanndickson and the rest of your teammates onGraphiteGraphite

@ethanndicksonethanndicksonforce-pushed the09-10-chore_make_cli_session_keys_respect_--session-duration_ branch from2d3f8f4 to5f56829CompareSeptember 10, 2024 08:51
@bpmct
Copy link
Member

nice. we will definitely want to label this as a breaking change in our changelog. a couple of questions?

  1. how is expiry handled? i'm assuming these are also automatically refreshed?
  2. any thoughts on whether we should deprecate this flag in favor of a more cohesive server flag to avoid breaking any existing behaviors? i'm not super concerned about it but I also haven't spent a ton of time considering consequences

cc@stirby as I'll be PTO for the rest of this week

@ethanndickson
Copy link
MemberAuthor

ethanndickson commentedSep 11, 2024
edited
Loading

Yep, they get refreshed with activity, and I wrote a test to confirm that's the case. The only behaviour I'm worried about breaking is that with the default duration you'll end up needing to login your CLI every work-week. Currently you'd need to take a week off for your session to expire.
I think if we label this appropriately in the changelog, deployment admins will pick up on that potential annoyance, and adjust.

Approach changed.

@ethanndicksonethanndickson changed the titlechore: make cli session keys respect--session-durationchore!: make cli session keys respect--session-durationSep 11, 2024
@ethanndicksonethanndickson marked this pull request as ready for reviewSeptember 13, 2024 07:26
@mafredrimafredri changed the titlechore!: make cli session keys respect--session-durationchore!: make cli session keys respect--session-duration_Sep 13, 2024
@github-actionsgithub-actionsbot added the release/breakingThis label is applied to PRs to detect breaking changes as part of the release process labelSep 13, 2024
@mafredrimafredri changed the titlechore!: make cli session keys respect--session-duration_chore!: make cli session keys respect--session-durationSep 13, 2024
@mafredri
Copy link
Member

mafredri commentedSep 13, 2024
edited
Loading

Sorry for the PR rename, wanted to check if this fixed the release labels:#14664 (it did). (Edit: Actually,#14667 was the cause.)

ethanndickson reacted with heart emoji

@ethanndicksonethanndicksonforce-pushed the09-10-chore_make_cli_session_keys_respect_--session-duration_ branch from5f56829 tob691a47CompareSeptember 18, 2024 07:52
@ethanndicksonethanndickson changed the titlechore!: make cli session keys respect--session-durationfeat!: add--default-token-lifetimeSep 18, 2024
@ethanndicksonethanndicksonforce-pushed the09-10-chore_make_cli_session_keys_respect_--session-duration_ branch fromb691a47 to67e03faCompareSeptember 18, 2024 08:08
@ethanndicksonethanndicksonforce-pushed the09-10-chore_make_cli_session_keys_respect_--session-duration_ branch from67e03fa to43477bfCompareSeptember 18, 2024 08:19
@ethanndicksonethanndicksonforce-pushed the09-10-chore_make_cli_session_keys_respect_--session-duration_ branch from43477bf toc969613CompareSeptember 18, 2024 11:02
@ethanndicksonethanndickson merged commitfccf6f1 intomainSep 18, 2024
29 of 31 checks passed
@ethanndicksonethanndickson deleted the 09-10-chore_make_cli_session_keys_respect_--session-duration_ branchSeptember 18, 2024 11:23
@github-actionsgithub-actionsbot locked and limited conversation to collaboratorsSep 18, 2024
Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.
Reviewers

@deansheatherdeansheatherdeansheather approved these changes

@stirbystirbyAwaiting requested review from stirby

Assignees

@ethanndicksonethanndickson

Labels
release/breakingThis label is applied to PRs to detect breaking changes as part of the release process
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow a configurable default TTL to tokens generated bycoder login
4 participants
@ethanndickson@bpmct@mafredri@deansheather
[8]ページ先頭
©2009-2025 Movatter.jp