diff options
| author | Kaio Cesar <rasec.k0@proton.me> | 2025-03-21 22:50:23 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-22 01:50:23 +0000 |
| commit | 71fff38aef839a749ebde45f5cad096d94644b72 (patch) | |
| tree | 3d030554d7c02fab87325b4233f6108d19f3b1a3 | |
| parent | bffbd43672ca9c3366b0e94c20fadb26d86dfdb9 (diff) | |
| download | karakeep-71fff38aef839a749ebde45f5cad096d94644b72.tar.zst | |
feat(auth): Added env variable for OAuth timeout (#1136)
* feat(auth): add configurable OAuth timeout option
* fix(config): change OAUTH_TIMEOUT to use z.coerce.number for better type handling
* docs: Added instructions for OAUTH_TIMEOUT flag
| -rw-r--r-- | apps/web/server/auth.ts | 3 | ||||
| -rw-r--r-- | docs/docs/03-configuration.md | 1 | ||||
| -rw-r--r-- | packages/shared/config.ts | 2 |
3 files changed, 6 insertions, 0 deletions
diff --git a/apps/web/server/auth.ts b/apps/web/server/auth.ts index ee226743..8fa60a75 100644 --- a/apps/web/server/auth.ts +++ b/apps/web/server/auth.ts @@ -114,6 +114,9 @@ if (oauth.wellKnownUrl) { allowDangerousEmailAccountLinking: oauth.allowDangerousEmailAccountLinking, idToken: true, checks: ["pkce", "state"], + httpOptions: { + timeout: oauth.timeout, + }, async profile(profile: Record<string, string>) { const [admin, firstUser] = await Promise.all([ isAdmin(profile.email), diff --git a/docs/docs/03-configuration.md b/docs/docs/03-configuration.md index 36de8295..6e11774e 100644 --- a/docs/docs/03-configuration.md +++ b/docs/docs/03-configuration.md @@ -35,6 +35,7 @@ When setting up OAuth, the allowed redirect URLs configured at the provider shou | OAUTH_SCOPE | No | "openid email profile" | "Full list of scopes to request (space delimited)" | | OAUTH_PROVIDER_NAME | No | "Custom Provider" | The name of your provider. Will be shown on the signup page as "Sign in with `<name>`" | | OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING | No | false | Whether existing accounts in hoarder stored in the database should automatically be linked with your OAuth account. Only enable it if you trust the OAuth provider! | +| OAUTH_TIMEOUT | No | 3500 | The wait time in milliseconds for the OAuth provider response. Increase this if you are having `outgoing request timed out` errors | For more information on `OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING`, check the [next-auth.js documentation](https://next-auth.js.org/configuration/providers/oauth#allowdangerousemailaccountlinking-option). diff --git a/packages/shared/config.ts b/packages/shared/config.ts index f487478f..12578b1f 100644 --- a/packages/shared/config.ts +++ b/packages/shared/config.ts @@ -15,6 +15,7 @@ const allEnv = z.object({ OAUTH_WELLKNOWN_URL: z.string().url().optional(), OAUTH_CLIENT_SECRET: z.string().optional(), OAUTH_CLIENT_ID: z.string().optional(), + OAUTH_TIMEOUT: z.coerce.number().optional().default(3500), OAUTH_SCOPE: z.string().default("openid email profile"), OAUTH_PROVIDER_NAME: z.string().default("Custom Provider"), OPENAI_API_KEY: z.string().optional(), @@ -86,6 +87,7 @@ const serverConfigSchema = allEnv.transform((val) => { clientId: val.OAUTH_CLIENT_ID, scope: val.OAUTH_SCOPE, name: val.OAUTH_PROVIDER_NAME, + timeout: val.OAUTH_TIMEOUT, }, }, inference: { |