Documentation and initial middleware

README.md

@@ -125,7 +125,8 @@ You can load environment variables with a different prefix via calling the `conf
 | **CAPTCHA_SESSION_EXPIRATION**        | 60                           | The amount of seconds till captcha session expiration on creation. Setting to 0 will disable expiration.                         |
 | **CAPTCHA_FONT**                      | captcha-font.ttf             | The file path to the font being used for captcha generation.                                                                     |
 | **TWO_STEP_SESSION_EXPIRATION**       | 200                          | The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.                        |
-| **AUTHENTICATION_SESSION_EXPIRATION** | 2692000                      | The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.                  |
+| **AUTHENTICATION_SESSION_EXPIRATION** | 86400                        | The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.                  |
+| **AUTHENTICATION_REFRESH_EXPIRATION** | 2592000                      | The amount of seconds till authentication session refresh expiration.                                                            |
 | **ALLOW_LOGIN_WITH_USERNAME**         | False                        | Allows login via username and email.                                                                                             |
 | **INITIAL_ADMIN_EMAIL**               | [email protected]            | Email used when creating the initial admin account.                                                                              |
 | **INITIAL_ADMIN_PASSWORD**            | admin123                     | Password used when creating the initial admin account.                                                                           |

sanic_security/authentication.py

@@ -267,6 +267,7 @@ async def authenticate(request: Request) -> AuthenticationSession:
     """
     authentication_session = await AuthenticationSession.decode(request)
     authentication_session.validate()
+    # Automatic refresh?
     if not authentication_session.is_anonymous:
         authentication_session.bearer.validate()
     return authentication_session

sanic_security/configuration.py

@@ -66,7 +66,7 @@ class Config(dict):
         CAPTCHA_FONT (str): The file path to the font being used for captcha generation.
         TWO_STEP_SESSION_EXPIRATION (int):  The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.
         AUTHENTICATION_SESSION_EXPIRATION (bool): The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.
-        AUTHENTICATION_SESSION_EXPIRATION (bool): The amount of seconds till authentication session refresh expiration.
+        AUTHENTICATION_REFRESH_EXPIRATION (bool): The amount of seconds till authentication session refresh expiration.
         ALLOW_LOGIN_WITH_USERNAME (bool): Allows login via username and email.
         INITIAL_ADMIN_EMAIL (str): Email used when creating the initial admin account.
         INITIAL_ADMIN_PASSWORD (str): Password used when creating the initial admin account.
@@ -86,7 +86,7 @@ class Config(dict):
     CAPTCHA_FONT: str
     TWO_STEP_SESSION_EXPIRATION: int
     AUTHENTICATION_SESSION_EXPIRATION: int
-    AUTHENTICATION_SESSION_REFRESH: int
+    AUTHENTICATION_REFRESH_EXPIRATION: int
     ALLOW_LOGIN_WITH_USERNAME: bool
     INITIAL_ADMIN_EMAIL: str
     INITIAL_ADMIN_PASSWORD: str

sanic_security/models.py

@@ -586,7 +586,7 @@ async def new(cls, request: Request, account: Account, **kwargs):
                 security_config.AUTHENTICATION_SESSION_EXPIRATION
             ),
             refresh_date=get_expiration_date(
-                security_config.AUTHENTICATION_SESSION_REFRESH
+                security_config.AUTHENTICATION_REFRESH_EXPIRATION
             )
         )
 

sanic_security/test/server.py

@@ -54,6 +54,7 @@
 app = Sanic("sanic-security-test")
 password_hasher = PasswordHasher()
 
+# TODO: Testing for new functionality.
 
 @app.post("api/test/auth/register")
 async def on_register(request):