pixelfed/app/Providers/AuthServiceProvider.php
delthas 748a3be46d Add support for configurable OAuth tokens and refresh tokens lifetime
Previously, the lifetime of tokens and refresh tokens was hardcoded at
15 and 30 days.

Some instances administrators may wish to change these values.

This makes these two values configurable with the two .env variables:
OAUTH_TOKEN_DAYS and OAUTH_REFRESH_DAYS which are the lifetime in days
for these two tokens and refresh tokens.
2020-08-31 23:16:42 +02:00

55 lines
1.6 KiB
PHP

<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
use Gate;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
if(config('pixelfed.oauth_enabled')) {
Passport::routes(null, ['middleware' => ['twofactor', \Fruitcake\Cors\HandleCors::class]]);
Passport::tokensExpireIn(now()->addDays(config('instance.oauth.token_expiration')));
Passport::refreshTokensExpireIn(now()->addDays(config('instance.oauth.refresh_expiration')));
Passport::enableImplicitGrant();
if(config('instance.oauth.pat.enabled')) {
Passport::personalAccessClientId(config('instance.oauth.pat.id'));
}
Passport::setDefaultScope([
'read',
'write',
'follow',
]);
Passport::tokensCan([
'read' => 'Full read access to your account',
'write' => 'Full write access to your account',
'follow' => 'Ability to follow other profiles',
'push' => ''
]);
}
Gate::define('viewWebSocketsDashboard', function ($user = null) {
return $user->is_admin;
});
}
}