add TOKEN_TIME and DEFAULT_EMAIL

mealie/core/config.py

@@ -117,8 +117,11 @@ class AppSettings(BaseSettings):
         return app_dirs.SQLITE_DIR.joinpath(f"mealie_{DB_VERSION}.sqlite")
 
     DEFAULT_GROUP: str = "Home"
+    DEFAULT_EMAIL: str = "changeme@email.com"
     DEFAULT_PASSWORD: str = "MyPassword"
 
+    TOKEN_TIME: int = 2 # Time in Hours
+
     # Not Used!
     SFTP_USERNAME: Optional[str]
     SFTP_PASSWORD: Optional[str]

mealie/core/security.py

@@ -13,10 +13,10 @@ ALGORITHM = "HS256"
 
 def create_access_token(data: dict(), expires_delta: timedelta = None) -> str:
     to_encode = data.copy()
-    if expires_delta:
-        expire = datetime.utcnow() + expires_delta
-    else:
-        expire = datetime.utcnow() + timedelta(minutes=120)
+    expires_delta = expires_delta or timedelta(hours=settings.TOKEN_TIME)
+    
+    expire = datetime.utcnow() + expires_delta
+
     to_encode.update({"exp": expire})
     return jwt.encode(to_encode, settings.SECRET, algorithm=ALGORITHM)
 
@@ -27,7 +27,7 @@ def create_file_token(file_path: Path) -> bool:
 
 
 def authenticate_user(session, email: str, password: str) -> UserInDB:
-    user: UserInDB = db.users.get(session, email, "email")
+    user: UserInDB = db.users.get(session, email, "email", any_case=True)
     if not user:
         return False
     if not verify_password(password, user.password):

mealie/db/init_db.py

@@ -40,7 +40,7 @@ def default_group_init(session: Session):
 def default_user_init(session: Session):
     default_user = {
         "full_name": "Change Me",
-        "email": "changeme@email.com",
+        "email": settings.DEFAULT_EMAIL,
         "password": get_password_hash(settings.DEFAULT_PASSWORD),
         "group": settings.DEFAULT_GROUP,
         "admin": True,

mealie/routes/deps.py

@@ -29,7 +29,7 @@ async def get_current_user(token: str = Depends(oauth2_scheme), session=Depends(
     except JWTError:
         raise credentials_exception
 
-    user = db.users.get(session, token_data.username, "email")
+    user = db.users.get(session, token_data.username, "email", any_case=True)
     if user is None:
         raise credentials_exception
     return user

mealie/routes/users/auth.py

@@ -32,7 +32,7 @@ def get_token(
             headers={"WWW-Authenticate": "Bearer"},
         )
 
-    access_token = security.create_access_token(dict(sub=email), timedelta(hours=2))
+    access_token = security.create_access_token(dict(sub=email))
     return SnackResponse.success(
         "User Successfully Logged In",
         {"access_token": access_token, "token_type": "bearer"},
@@ -42,5 +42,5 @@ def get_token(
 @router.get("/refresh")
 async def refresh_token(current_user: UserInDB = Depends(get_current_user)):
     """ Use a valid token to get another token"""
-    access_token = security.create_access_token(data=dict(sub=current_user.email), expires_delta=timedelta(hours=1))
+    access_token = security.create_access_token(data=dict(sub=current_user.email))
     return {"access_token": access_token, "token_type": "bearer"}

mealie/routes/users/crud.py

@@ -83,7 +83,7 @@ async def update_user(
     if current_user.id == id or current_user.admin:
         db.users.update(session, id, new_data.dict())
     if current_user.id == id:
-        access_token = security.create_access_token(data=dict(sub=new_data.email), expires_delta=timedelta(hours=2))
+        access_token = security.create_access_token(data=dict(sub=new_data.email))
         token = {"access_token": access_token, "token_type": "bearer"}
 
     return SnackResponse.success("User Updated", token)

mealie/schema/auth.py

@@ -1,6 +1,8 @@
-from pydantic import BaseModel
 from typing import Optional
 
+from pydantic import BaseModel
+from pydantic.types import constr
+
 
 class Token(BaseModel):
     access_token: str
@@ -8,4 +10,4 @@ class Token(BaseModel):
 
 
 class TokenData(BaseModel):
-    username: Optional[str] = None
+    username: Optional[constr(to_lower=True, strip_whitespace=True)] = None

template.env

@@ -3,7 +3,9 @@ DEFAULT_GROUP=Home
 ENV=False
 API_PORT=9000
 API_DOCS=True
-DB_TYPE='sqlite'
+DB_TYPE=sqlite
+DEFAULT_EMAIL=changeme@email.com
 DEFAULT_PASSWORD=MyPassword
+TOKEN_TIME=2
 SFTP_USERNAME=None
 SFTP_PASSWORD=None