Parse ui_auth.session_timeout as a duration (instead of treating it as ms) (#9426)

arya2331 · web-flow · commit e17553e185aa · 2021-02-18T09:18:14.000-05:00
diff --git a/changelog.d/9426.bugfix b/changelog.d/9426.bugfix
@@ -0,0 +1 @@
+The `ui_auth.session_timeout` configuration setting can now be specified in terms of number of seconds/minutes/etc/. Contributed by Rishabh Arya.
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
@@ -2228,8 +2228,8 @@ password_config:
       #require_uppercase: true
 
 ui_auth:
-    # The number of milliseconds to allow a user-interactive authentication
-    # session to be active.
+    # The amount of time to allow a user-interactive authentication session
+    # to be active.
     #
     # This defaults to 0, meaning the user is queried for their credentials
     # before every action, but this can be overridden to allow a single
@@ -2240,7 +2240,7 @@ ui_auth:
     # Uncomment below to allow for credential validation to last for 15
     # seconds.
     #
-    #session_timeout: 15000
+    #session_timeout: "15s"
 
 
 # Configuration for sending emails from Synapse.
diff --git a/synapse/config/auth.py b/synapse/config/auth.py
@@ -37,7 +37,9 @@ def read_config(self, config, **kwargs):
 
         # User-interactive authentication
         ui_auth = config.get("ui_auth") or {}
-        self.ui_auth_session_timeout = ui_auth.get("session_timeout", 0)
+        self.ui_auth_session_timeout = self.parse_duration(
+            ui_auth.get("session_timeout", 0)
+        )
 
     def generate_config_section(self, config_dir_path, server_name, **kwargs):
         return """\
@@ -93,8 +95,8 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs):
               #require_uppercase: true
 
         ui_auth:
-            # The number of milliseconds to allow a user-interactive authentication
-            # session to be active.
+            # The amount of time to allow a user-interactive authentication session
+            # to be active.
             #
             # This defaults to 0, meaning the user is queried for their credentials
             # before every action, but this can be overridden to allow a single
@@ -105,5 +107,5 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs):
             # Uncomment below to allow for credential validation to last for 15
             # seconds.
             #
-            #session_timeout: 15000
+            #session_timeout: "15s"
         """
diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py
@@ -343,7 +343,7 @@ def test_cannot_change_uri(self):
             },
         )
 
-    @unittest.override_config({"ui_auth": {"session_timeout": 5 * 1000}})
+    @unittest.override_config({"ui_auth": {"session_timeout": "5s"}})
     def test_can_reuse_session(self):
         """
         The session can be reused if configured.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+The `ui_auth.session_timeout` configuration setting can now be specified in terms of number of seconds/minutes/etc/. Contributed by Rishabh Arya.
Original file line number	Diff line number	Diff line change
`@@ -343,7 +343,7 @@ def test_cannot_change_uri(self):`
`343`	`343`	`},`
`344`	`344`	`)`
`345`	`345`
`346`		`- @unittest.override_config({"ui_auth": {"session_timeout": 5 * 1000}})`
	`346`	`+ @unittest.override_config({"ui_auth": {"session_timeout": "5s"}})`
`347`	`347`	`def test_can_reuse_session(self):`
`348`	`348`	`"""`
`349`	`349`	`The session can be reused if configured.`