aboutsummaryrefslogtreecommitdiffstats
path: root/modules/setting/setting.go
diff options
context:
space:
mode:
Diffstat (limited to 'modules/setting/setting.go')
-rw-r--r--modules/setting/setting.go22
1 files changed, 6 insertions, 16 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index d26c054cd7..f648179155 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -371,14 +371,17 @@ var (
AccessTokenExpirationTime int64
RefreshTokenExpirationTime int64
InvalidateRefreshTokens bool
- JWTSecretBytes []byte `ini:"-"`
+ JWTSigningAlgorithm string `ini:"JWT_SIGNING_ALGORITHM"`
JWTSecretBase64 string `ini:"JWT_SECRET"`
+ JWTSigningPrivateKeyFile string `ini:"JWT_SIGNING_PRIVATE_KEY_FILE"`
MaxTokenLength int
}{
Enable: true,
AccessTokenExpirationTime: 3600,
RefreshTokenExpirationTime: 730,
InvalidateRefreshTokens: false,
+ JWTSigningAlgorithm: "RS256",
+ JWTSigningPrivateKeyFile: "jwt/private.pem",
MaxTokenLength: math.MaxInt16,
}
@@ -801,21 +804,8 @@ func NewContext() {
return
}
- if OAuth2.Enable {
- OAuth2.JWTSecretBytes = make([]byte, 32)
- n, err := base64.RawURLEncoding.Decode(OAuth2.JWTSecretBytes, []byte(OAuth2.JWTSecretBase64))
-
- if err != nil || n != 32 {
- OAuth2.JWTSecretBase64, err = generate.NewJwtSecret()
- if err != nil {
- log.Fatal("error generating JWT secret: %v", err)
- return
- }
-
- CreateOrAppendToCustomConf(func(cfg *ini.File) {
- cfg.Section("oauth2").Key("JWT_SECRET").SetValue(OAuth2.JWTSecretBase64)
- })
- }
+ if !filepath.IsAbs(OAuth2.JWTSigningPrivateKeyFile) {
+ OAuth2.JWTSigningPrivateKeyFile = filepath.Join(CustomPath, OAuth2.JWTSigningPrivateKeyFile)
}
sec = Cfg.Section("admin")
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-01 00:25:35 +0000