core: don't rotate non-api tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
03da87991f
commit
14c159500d
|
@ -456,6 +456,14 @@ class Token(ManagedModel, ExpiringModel):
|
|||
"""Handler which is called when this object is expired."""
|
||||
from authentik.events.models import Event, EventAction
|
||||
|
||||
if self.intent in [
|
||||
TokenIntents.INTENT_RECOVERY,
|
||||
TokenIntents.INTENT_VERIFICATION,
|
||||
TokenIntents.INTENT_APP_PASSWORD,
|
||||
]:
|
||||
super().expire_action(*args, **kwargs)
|
||||
return
|
||||
|
||||
self.key = default_token_key()
|
||||
self.expires = default_token_duration()
|
||||
self.save(*args, **kwargs)
|
||||
|
|
|
@ -54,7 +54,9 @@ class TestTokenAPI(APITestCase):
|
|||
|
||||
def test_token_expire(self):
|
||||
"""Test Token expire task"""
|
||||
token: Token = Token.objects.create(expires=now(), user=get_anonymous_user())
|
||||
token: Token = Token.objects.create(
|
||||
expires=now(), user=get_anonymous_user(), intent=TokenIntents.INTENT_API
|
||||
)
|
||||
key = token.key
|
||||
clean_expired_models.delay().get()
|
||||
token.refresh_from_db()
|
||||
|
|
Reference in a new issue