ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 20:35:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #18261 from Classic298/patch-1

Browse source 
enh: lower JWT expiration default value and add warn message
This commit is contained in:
Tim Jaeryang Baek 2025-10-14 18:35:03 -05:00 committed by GitHub
commit 94806555bf
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
backend/open_webui/config.py
View file

@ -307,9 +307,15 @@ API_KEY_ALLOWED_ENDPOINTS = PersistentConfig(
JWT_EXPIRES_IN = PersistentConfig(
"JWT_EXPIRES_IN", "auth.jwt_expiry", os.environ.get("JWT_EXPIRES_IN", "-1")
"JWT_EXPIRES_IN", "auth.jwt_expiry", os.environ.get("JWT_EXPIRES_IN", "4w")
)
if JWT_EXPIRES_IN.value == "-1":
log.warning(
"⚠️ SECURITY WARNING: JWT_EXPIRES_IN is set to '-1'\n"
" See: https://docs.openwebui.com/getting-started/env-configuration\n"
)
####################################
# OAuth config
####################################