Skip to content

Configure JWT tokens to expire after 30 seconds#15

Open
devin-ai-integration[bot] wants to merge 1 commit intomasterfrom
devin/1760467238-jwt-30s-expiration
Open

Configure JWT tokens to expire after 30 seconds#15
devin-ai-integration[bot] wants to merge 1 commit intomasterfrom
devin/1760467238-jwt-30s-expiration

Conversation

@devin-ai-integration
Copy link

@devin-ai-integration devin-ai-integration bot commented Oct 14, 2025

Configure JWT tokens to expire after 30 seconds

Summary

Modified the JWT token expiration configuration from 24 hours to 30 seconds in src/backend/config.py. This changes the JWT_ACCESS_TOKEN_EXPIRES setting to use timedelta(seconds=30) instead of timedelta(hours=24).

All existing backend unit tests pass successfully.

Review & Testing Checklist for Human

  • Verify 30 seconds is the intended expiration time - This is extremely short and will require users to re-authenticate every 30 seconds. Please confirm this is correct and not a typo (e.g., should it be 30 minutes?)
  • Test end-to-end authentication flow - Login to the application, wait 30+ seconds, then attempt an authenticated action. Verify the token expires and the frontend correctly redirects to the login page
  • Verify frontend 401 handling - Confirm the axios interceptor in src/frontend/src/utils/api.js properly clears localStorage and redirects when receiving a 401 response
  • Consider production implications - If this is intended for production use, evaluate the user experience impact of requiring re-authentication every 30 seconds

Notes

  • Backend unit tests (7 JWT-related tests) all pass
  • The frontend already has error handling for 401 responses (lines 29-33 in src/frontend/src/utils/api.js)
  • This change affects all users of the application

Link to Devin run: https://app.devin.ai/sessions/099feb22514f472aa31b01fb2bf7a877
Requested by: jia.wu@codeium.com (@JRWu)

@devin-ai-integration @JRWu
Configure JWT tokens to expire after 30 seconds
27e8c12 
- Changed JWT_ACCESS_TOKEN_EXPIRES from timedelta(hours=24) to timedelta(seconds=30)
- Updated configuration in src/backend/config.py
- All existing backend tests pass successfully

Co-Authored-By: jia.wu@codeium.com <jia_wu@hotmail.ca>
@devin-ai-integration
Copy link
Author

devin-ai-integration bot commented Oct 14, 2025

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 14, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants

Comments