TIMEOUT -> MAX_AGE

Author: Archmonger

CHANGELOG.md

@@ -23,7 +23,7 @@ Don't forget to remove deprecated code on each major release!
 
 -   User login/logout features!
     -   `reactpy_django.hooks.use_auth` to provide **persistent** `login` and `logout` functionality to your components.
-    -   `settings.py:REACTPY_AUTH_TOKEN_TIMEOUT` to control the maximum seconds before ReactPy no longer allows the browser to obtain a persistent login cookie.
+    -   `settings.py:REACTPY_AUTH_TOKEN_MAX_AGE` to control the maximum seconds before ReactPy's login token expires.
     -   `settings.py:REACTPY_CLEAN_AUTH_TOKENS` to control whether ReactPy should clean up expired authentication tokens during automatic cleanups.
 -   Automatically convert Django forms to ReactPy forms via the new `reactpy_django.components.django_form` component!
 -   The ReactPy component tree can now be forcibly re-rendered via the new `reactpy_django.hooks.use_rerender` hook.

docs/src/reference/settings.md

@@ -73,15 +73,15 @@ Dotted path to the Django authentication backend to use for ReactPy components.
 
 ---
 
-### `#!python REACTPY_AUTH_TOKEN_TIMEOUT`
+### `#!python REACTPY_AUTH_TOKEN_MAX_AGE`
 
 **Default:** `#!python 30`
 
 **Example Value(s):** `#!python 5`
 
-Maximum seconds before ReactPy no longer allows the browser to obtain a login cookie.
+Maximum seconds before ReactPy's login token expires.
 
-This setting exists because Django's authentication design require cookies to retain login status. ReactPy is rendered via WebSockets, and browsers do not allow active WebSocket connections to modify cookies.
+This setting exists because Django's authentication design requires cookies to retain login status. ReactPy is rendered via WebSockets, and browsers do not allow active WebSocket connections to modify cookies.
 
 To work around this limitation, this setting provides a maximum validity period of a temporary login token. When `#!python reactpy_django.hooks.use_auth().login()` is called within your application, ReactPy will automatically create this temporary login token and command the browser to fetch it via HTTP.
 

src/reactpy_django/auth/components.py

@@ -63,10 +63,10 @@ async def synchronize_auth_watchdog():
         This effect will automatically be cancelled if the session is successfully
         synchronized (via effect dependencies)."""
         if sync_needed:
-            await asyncio.sleep(config.REACTPY_AUTH_TOKEN_TIMEOUT + 0.1)
+            await asyncio.sleep(config.REACTPY_AUTH_TOKEN_MAX_AGE + 0.1)
             await asyncio.to_thread(
                 _logger.warning,
-                f"Client did not switch authentication sessions within {config.REACTPY_AUTH_TOKEN_TIMEOUT} (REACTPY_AUTH_TOKEN_TIMEOUT) seconds.",
+                f"Client did not switch authentication sessions within {config.REACTPY_AUTH_TOKEN_MAX_AGE} (REACTPY_AUTH_TOKEN_MAX_AGE) seconds.",
             )
             set_sync_needed(False)
 

src/reactpy_django/checks.py

@@ -230,23 +230,23 @@ def reactpy_warnings(app_configs, **kwargs):
             )
         )
 
-    # Check if REACTPY_AUTH_TOKEN_TIMEOUT is a large value
-    auth_token_timeout = config.REACTPY_AUTH_TOKEN_TIMEOUT
+    # Check if REACTPY_AUTH_TOKEN_MAX_AGE is a large value
+    auth_token_timeout = config.REACTPY_AUTH_TOKEN_MAX_AGE
     if isinstance(auth_token_timeout, int) and auth_token_timeout > 120:
         warnings.append(
             Warning(
-                "REACTPY_AUTH_TOKEN_TIMEOUT is set to a very large value.",
-                hint="It is suggested to keep REACTPY_AUTH_TOKEN_TIMEOUT under 120 seconds to prevent security risks.",
+                "REACTPY_AUTH_TOKEN_MAX_AGE is set to a very large value.",
+                hint="It is suggested to keep REACTPY_AUTH_TOKEN_MAX_AGE under 120 seconds to prevent security risks.",
                 id="reactpy_django.W020",
             )
         )
 
-    # Check if REACTPY_AUTH_TOKEN_TIMEOUT is a small value
+    # Check if REACTPY_AUTH_TOKEN_MAX_AGE is a small value
     if isinstance(auth_token_timeout, int) and auth_token_timeout <= 2:
         warnings.append(
             Warning(
-                "REACTPY_AUTH_TOKEN_TIMEOUT is set to a very low value.",
-                hint="It is suggested to keep REACTPY_AUTH_TOKEN_TIMEOUT above 2 seconds to account for client and server latency.",
+                "REACTPY_AUTH_TOKEN_MAX_AGE is set to a very low value.",
+                hint="It is suggested to keep REACTPY_AUTH_TOKEN_MAX_AGE above 2 seconds to account for client and server latency.",
                 id="reactpy_django.W021",
             )
         )
@@ -544,22 +544,22 @@ def reactpy_errors(app_configs, **kwargs):
             )
         )
 
-    # Check if REACTPY_AUTH_TOKEN_TIMEOUT is a valid data type
-    if not isinstance(config.REACTPY_AUTH_TOKEN_TIMEOUT, int):
+    # Check if REACTPY_AUTH_TOKEN_MAX_AGE is a valid data type
+    if not isinstance(config.REACTPY_AUTH_TOKEN_MAX_AGE, int):
         errors.append(
             Error(
-                "Invalid type for REACTPY_AUTH_TOKEN_TIMEOUT.",
-                hint="REACTPY_AUTH_TOKEN_TIMEOUT should be an integer.",
+                "Invalid type for REACTPY_AUTH_TOKEN_MAX_AGE.",
+                hint="REACTPY_AUTH_TOKEN_MAX_AGE should be an integer.",
                 id="reactpy_django.E028",
             )
         )
 
-    # Check if REACTPY_AUTH_TOKEN_TIMEOUT is a positive integer
-    if isinstance(config.REACTPY_AUTH_TOKEN_TIMEOUT, int) and config.REACTPY_AUTH_TOKEN_TIMEOUT < 0:
+    # Check if REACTPY_AUTH_TOKEN_MAX_AGE is a positive integer
+    if isinstance(config.REACTPY_AUTH_TOKEN_MAX_AGE, int) and config.REACTPY_AUTH_TOKEN_MAX_AGE < 0:
         errors.append(
             Error(
-                "Invalid value for REACTPY_AUTH_TOKEN_TIMEOUT.",
-                hint="REACTPY_AUTH_TOKEN_TIMEOUT should be a non-negative integer.",
+                "Invalid value for REACTPY_AUTH_TOKEN_MAX_AGE.",
+                hint="REACTPY_AUTH_TOKEN_MAX_AGE should be a non-negative integer.",
                 id="reactpy_django.E029",
             )
         )

src/reactpy_django/config.py

@@ -39,9 +39,9 @@
     "REACTPY_SESSION_MAX_AGE",
     259200,  # Default to 3 days
 )
-REACTPY_AUTH_TOKEN_TIMEOUT: int = getattr(
+REACTPY_AUTH_TOKEN_MAX_AGE: int = getattr(
     settings,
-    "REACTPY_AUTH_TOKEN_TIMEOUT",
+    "REACTPY_AUTH_TOKEN_MAX_AGE",
     30,  # Default to 30 seconds
 )
 REACTPY_CACHE: str = getattr(

src/reactpy_django/models.py

@@ -34,10 +34,9 @@ class AuthToken(models.Model):
 
     @property
     def expired(self) -> bool:
-        """Check the client has exceeded the max timeout."""
-        from reactpy_django.config import REACTPY_AUTH_TOKEN_TIMEOUT
+        from reactpy_django.config import REACTPY_AUTH_TOKEN_MAX_AGE
 
-        return self.created_at < (timezone.now() - timedelta(seconds=REACTPY_AUTH_TOKEN_TIMEOUT))
+        return self.created_at < (timezone.now() - timedelta(seconds=REACTPY_AUTH_TOKEN_MAX_AGE))
 
 
 class Config(models.Model):

src/reactpy_django/tasks.py

@@ -72,13 +72,13 @@ def clean_component_sessions(verbosity: int = 1):
 
 
 def clean_auth_tokens(verbosity: int = 1):
-    from reactpy_django.config import DJANGO_DEBUG, REACTPY_AUTH_TOKEN_TIMEOUT
+    from reactpy_django.config import DJANGO_DEBUG, REACTPY_AUTH_TOKEN_MAX_AGE
     from reactpy_django.models import AuthToken
 
     if verbosity >= 2:
         _logger.info("Cleaning ReactPy auth tokens...")
     start_time = timezone.now()
-    expiration_date = timezone.now() - timedelta(seconds=REACTPY_AUTH_TOKEN_TIMEOUT)
+    expiration_date = timezone.now() - timedelta(seconds=REACTPY_AUTH_TOKEN_MAX_AGE)
     synchronizer_objects = AuthToken.objects.filter(created_at__lte=expiration_date)
 
     if verbosity >= 2: