Extend JWT token expiration times

Access tokens now last 1 hour (up from default 15 min) and refresh tokens last 30 days, reducing frequent re-authentication. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-05 10:10:47 -04:00
2 changed files with 6 additions and 3 deletions
--- a/app.py
+++ b/app.py
@@ -1,5 +1,6 @@
 import logging
 import os
 from datetime import timedelta
 from dotenv import load_dotenv
 from quart import Quart, jsonify, render_template, request, send_from_directory
@@ -38,6 +39,8 @@ app = Quart(
 )
 app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY", "SECRET_KEY")
 app.config["JWT_ACCESS_TOKEN_EXPIRES"] = timedelta(hours=1)
 app.config["JWT_REFRESH_TOKEN_EXPIRES"] = timedelta(days=30)
 app.config["MAX_CONTENT_LENGTH"] = 10 * 1024 * 1024  # 10 MB upload limit
 jwt = JWTManager(app)
--- a/blueprints/users/oidc_service.py
+++ b/blueprints/users/oidc_service.py
@@ -35,7 +35,7 @@ class OIDCUserService:
                claims.get("preferred_username") or claims.get("name") or user.username
            )
            # Update LDAP groups from claims
-            user.ldap_groups = claims.get("groups") or []
+            user.ldap_groups = claims.get("groups", [])
            await user.save()
            return user
@@ -48,7 +48,7 @@ class OIDCUserService:
                user.oidc_subject = oidc_subject
                user.auth_provider = "oidc"
                user.password = None  # Clear password
-                user.ldap_groups = claims.get("groups") or []
+                user.ldap_groups = claims.get("groups", [])
                await user.save()
                return user
@@ -61,7 +61,7 @@ class OIDCUserService:
        )
        # Extract LDAP groups from claims
-        groups = claims.get("groups") or []
+        groups = claims.get("groups", [])
        user = await User.create(
            id=uuid4(),