diff --git a/src/cloudron.js b/src/cloudron.js
index a37342cd0..60a496a15 100644
--- a/src/cloudron.js
+++ b/src/cloudron.js
@@ -250,7 +250,7 @@ function activate(username, password, email, displayName, ip, auditSource, callb
 // Also generate a token so the admin creation can also act as a login
 var token = tokendb.generateToken();
- var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 tokendb.add(token, userObject.id, result.id, expires, '*', function (error) {
 if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
diff --git a/src/constants.js b/src/constants.js
index d6db8c4da..9347302d1 100644
--- a/src/constants.js
+++ b/src/constants.js
@@ -16,6 +16,8 @@ exports = module.exports = {
 GHOST_USER_FILE: '/tmp/cloudron_ghost.json',
+ DEFAULT_TOKEN_EXPIRATION: 7 * 24 * 60 * 60 * 1000, // 1 week
+
 DEFAULT_MEMORY_LIMIT: (256 * 1024 * 1024) // see also client.js
 };
diff --git a/src/developer.js b/src/developer.js
index a2cf5fad1..82ea2151c 100644
--- a/src/developer.js
+++ b/src/developer.js
@@ -12,8 +12,9 @@ exports = module.exports = {
 };
 var assert = require('assert'),
- config = require('./config.js'),
 clients = require('./clients.js'),
+ config = require('./config.js'),
+ constants = require('./constants.js'),
 debug = require('debug')('box:developer'),
 eventlog = require('./eventlog.js'),
 tokendb = require('./tokendb.js'),
@@ -72,7 +73,7 @@ function issueDeveloperToken(user, auditSource, callback) {
 assert.strictEqual(typeof callback, 'function');
 var token = tokendb.generateToken();
- var expiresAt = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expiresAt = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 var scopes = '*,' + clients.SCOPE_ROLE_SDK;
 tokendb.add(token, user.id, 'cid-cli', expiresAt, scopes, function (error) {
diff --git a/src/routes/clients.js b/src/routes/clients.js
index 1f745d363..42a0d1ad6 100644
--- a/src/routes/clients.js
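Review bot: `constants` is referenced in `activate()` in src/cloudron.js, but unlike developer.js, routes/clients.js, routes/oauth2.js and simpleauth.js, this diff adds no require for it in that file; the same holds for `setPassword()` in src/user.js. The require blocks of both files are outside the hunks, so it may already be imported there. If it is not, the new line throws a ReferenceError at the moment a token is issued, i.e. during activation or a password set. Worth confirming, or adding `constants = require('./constants.js'),` to both require lists.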
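Review bot: `DEFAULT_TOKEN_EXPIRATION` in src/constants.js needs a comment saying which tokens it governs, because this one value now sets the lifetime of every bearer token issued in this commit: the `'*'`-scoped tokens from `activate()` and `setPassword()`, the developer token, the simpleauth login token and both OAuth flows. Moving all of them from one day to one week lengthens the period in which a leaked token stays usable by a factor of seven. Suggested comment: `// lifetime in ms of access tokens issued by login, OAuth, developer and password flows; a leaked token stays valid this long unless revoked`. If some of these flows should stay short-lived, a separate constant for them would keep that decision visible.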
+++ b/src/routes/clients.js
@@ -14,6 +14,7 @@ exports = module.exports = {
 var assert = require('assert'),
 clients = require('../clients.js'),
 ClientsError = clients.ClientsError,
+ constants = require('../constants.js'),
 HttpError = require('connect-lastmile').HttpError,
 HttpSuccess = require('connect-lastmile').HttpSuccess,
 validUrl = require('valid-url');
@@ -75,7 +76,7 @@ function addClientToken(req, res, next) {
 assert.strictEqual(typeof req.params.clientId, 'string');
 assert.strictEqual(typeof req.user, 'object');
- var expiresAt = req.query.expiresAt ? parseInt(req.query.expiresAt, 10) : Date.now() + 24 * 60 * 60 * 1000; // default 1 day;
+ var expiresAt = req.query.expiresAt ? parseInt(req.query.expiresAt, 10) : Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 if (isNaN(expiresAt) || expiresAt <= Date.now()) return next(new HttpError(400, 'expiresAt must be a timestamp in the future'));
 clients.addClientTokenByUserId(req.params.clientId, req.user.id, expiresAt, function (error, result) {
diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 1b66c0452..79e08101f 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
@@ -7,6 +7,7 @@ var appdb = require('../appdb'),
 clients = require('../clients'),
 ClientsError = clients.ClientsError,
 config = require('../config.js'),
+ constants = require('../constants'),
 DatabaseError = require('../databaseerror'),
 debug = require('debug')('box:routes/oauth2'),
 eventlog = require('../eventlog.js'),
@@ -75,7 +76,7 @@ gServer.grant(oauth2orize.grant.token({ scopeSeparator: ',' }, function (client,
 debug('grant token:', client.id, user.id, ares);
 var token = tokendb.generateToken();
- var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 tokendb.add(token, user.id, client.id, expires, client.scope, function (error) {
 if (error) return callback(error);
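Review bot: `req.query.expiresAt` is still accepted with no upper bound in `addClientToken`; the check on the next line rejects only NaN and past timestamps, so a caller can request a token that effectively never expires, whatever the new default is. `parseInt` also accepts trailing garbage, e.g. a constructed `'1700000000000abc'`. If unbounded client tokens are not intended, cap the value with something like `if (expiresAt > Date.now() + MAX_TOKEN_LIFETIME) return next(new HttpError(400, 'expiresAt is too far in the future'));`, where `MAX_TOKEN_LIFETIME` is a placeholder for a limit the project would have to define. The function body continues outside the hunk.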
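Review bot: The token created in the `oauth2orize.grant.token` callback in src/routes/oauth2.js is the implicit-grant token, which is handed back to the browser in the redirect URL, and it now lives for a week like every other token. Tokens delivered that way are more exposed (browser history, logs, referrers) than tokens obtained through the code exchange, so the usual guidance is to keep them short-lived. Consider a separate, shorter constant for this grant, or at least a comment such as `// implicit grant: token is returned in the redirect URL, keep its lifetime short`. The callback body continues outside the hunk.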
@@ -105,7 +106,7 @@ gServer.exchange(oauth2orize.exchange.code(function (client, code, redirectURI,
 if(error) return callback(error);
 var token = tokendb.generateToken();
- var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 tokendb.add(token, authCode.userId, authCode.clientId, expires, client.scope, function (error) {
 if (error) return callback(error);
diff --git a/src/simpleauth.js b/src/simpleauth.js
index edf9b2356..c109c94af 100644
--- a/src/simpleauth.js
+++ b/src/simpleauth.js
@@ -11,6 +11,7 @@ var apps = require('./apps.js'),
 clients = require('./clients.js'),
 ClientsError = clients.ClientsError,
 config = require('./config.js'),
+ constants = require('./constants.js'),
 DatabaseError = require('./databaseerror.js'),
 debug = require('debug')('box:src/simpleauth'),
 eventlog = require('./eventlog.js'),
@@ -51,7 +52,7 @@ function loginLogic(clientId, username, password, callback) {
 if (!access) return callback(new AppsError(AppsError.ACCESS_DENIED));
 var accessToken = tokendb.generateToken();
- var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 tokendb.add(accessToken, userObject.id, clientId, expires, clientObject.scope, function (error) {
 if (error) return callback(error);
diff --git a/src/user.js b/src/user.js
index d8777985b..2c2891ab4 100644
--- a/src/user.js
+++ b/src/user.js
@@ -463,7 +463,7 @@ function setPassword(userId, newPassword, callback) {
 if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
 var token = tokendb.generateToken();
- var expiresAt = Date.now() + 24 * 60 * 60 * 1000; // 1 day
+ var expiresAt = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
 tokendb.add(token, user.id, result.id, expiresAt, '*', function (error) {
 if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
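Review bot: With a one-week lifetime it matters more whether `setPassword()` in src/user.js revokes the user's existing tokens; the hunk only shows a new `'*'`-scoped token being added, and the rest of the function is outside the hunk. If older tokens are not deleted when the password changes, a token obtained before the change stays usable for up to seven days instead of one, which weakens a password reset as a response to a suspected compromise. Worth confirming that revocation happens, and adding a comment next to `tokendb.add` that says so.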