Merge pull request '[FEAT] Enable `INVALIDATE_REFRESH_TOKENS`' (#4633) from gusted/sec-oauth into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4633 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
commit
14d079a1eb
|
@ -104,7 +104,7 @@ var OAuth2 = struct {
|
|||
Enabled: true,
|
||||
AccessTokenExpirationTime: 3600,
|
||||
RefreshTokenExpirationTime: 730,
|
||||
InvalidateRefreshTokens: false,
|
||||
InvalidateRefreshTokens: true,
|
||||
JWTSigningAlgorithm: "RS256",
|
||||
JWTSigningPrivateKeyFile: "jwt/private.pem",
|
||||
MaxTokenLength: math.MaxInt16,
|
||||
|
|
Loading…
Reference in New Issue