[Bug] fix misusing ACCESS_TOKEN_EXPIRE_MINUTES in jwt on exp (#21030)

Co-authored-by: tech <cto@sb>
2025-06-18 09:37:49 +08:00
parent 4689e8953e
commit 61526c027d
1 changed files with 1 additions and 1 deletions
--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@@ -163,7 +163,7 @@ def exchange_token_for_existing_web_user(app_code: str, enterprise_user_decoded:
        )
        db.session.add(end_user)
        db.session.commit()
-    exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24)
+    exp_dt = datetime.now(UTC) + timedelta(minutes=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES)
    exp = int(exp_dt.timestamp())
    payload = {
        "iss": site.id,