Add AccountsJS configurations as env vars#6841
Closed
tedraykov wants to merge 2 commits intopassword-reset-urlfrom
Closed
Add AccountsJS configurations as env vars#6841tedraykov wants to merge 2 commits intopassword-reset-urlfrom
tedraykov wants to merge 2 commits intopassword-reset-urlfrom
Conversation
Signed-off-by: tedraykov <tedraykov@gmail.com>
🦋 Changeset detectedLatest commit: 82f2d5f The changes in this PR will be included in the next version bump. This PR includes changesets to release 2 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Signed-off-by: tedraykov <tedraykov@gmail.com>
vanpho93
approved these changes
Jun 6, 2023
sujithvn
reviewed
Jun 16, 2023
| { | ||
| ACCOUNTS_JS_RETURN_TOKENS_AFTER_RESET_PASSWORD: bool({ default: false }), | ||
| ACCOUNTS_JS_ACCESS_TOKEN_EXPIRES_IN: str({ default: "90m" }), | ||
| ACCOUNTS_JS_REFRESH_TOKEN_EXPIRES_IN: str({ default: "30d" }), |
Contributor
There was a problem hiding this comment.
We are providing 30d as default for refresh-token, but the default in accountsjs is 7d link
sujithvn
approved these changes
Jun 16, 2023
Contributor
sujithvn
left a comment
sujithvn
left a comment
There was a problem hiding this comment.
All good, just my comment on the default for refresh-token expiry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Impact: minor
Type: feature
Issue
Developers can't customize the JWT access and refresh tokens' expiration date. Also, there is no way to configure whether the reset password mutation returns new auth tokens or not.
Solution
This PR adds environmental variables that allow to configure the aforementioned accounts js server properties, i.e. the jwt access and refresh token expiration time and the password reset mutation return type.
Breaking changes
None. The default values of the env vars are identical to the accounts js library default values.
Testing
Testing the password reset returned tokens:
ACCOUNTS_JS_RETURN_TOKENS_AFTER_RESET_PASSWORDenv var totrue.resetPasswordmutation with thetokensin the return body like so:If the env var is set to true, you should see the newly generated access and refresh tokens in the response
If the env var is set to false, you should see
nullin the responseTesting the jwt token expiration time:
ACCOUNTS_JS_ACCESS_TOKEN_EXPIRES_INto7dfor exampleauthenticatemutation or with the Kinetic Admin