summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/services/api/graphql/libs/token_auth.py3
-rwxr-xr-xsrc/services/vyos-http-api-server1
2 files changed, 3 insertions, 1 deletions
diff --git a/src/services/api/graphql/libs/token_auth.py b/src/services/api/graphql/libs/token_auth.py
index fafb0f5af..3ecd8b855 100644
--- a/src/services/api/graphql/libs/token_auth.py
+++ b/src/services/api/graphql/libs/token_auth.py
@@ -11,7 +11,8 @@ def _check_passwd_pam(username: str, passwd: str) -> bool:
return False
def init_secret():
- secret = token_hex(16)
+ length = int(state.settings['app'].state.vyos_secret_len)
+ secret = token_hex(length)
state.settings['secret'] = secret
def generate_token(user: str, passwd: str, secret: str, exp: int) -> dict:
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server
index 4af27b949..3c390d9dc 100755
--- a/src/services/vyos-http-api-server
+++ b/src/services/vyos-http-api-server
@@ -699,6 +699,7 @@ if __name__ == '__main__':
# default value is merged in conf_mode http-api.py, if not set
app.state.vyos_auth_type = server_config['graphql']['authentication']['type']
app.state.vyos_token_exp = server_config['graphql']['authentication']['expiration']
+ app.state.vyos_secret_len = server_config['graphql']['authentication']['secret_length']
else:
app.state.vyos_graphql = False
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 00:33:45 +0000