docs(project): document the content-token endpoint and CONTENT_TOKEN_TTL
Add POST /files/{file_id}/content-token to the spec, note that the content
GET's access_token parameter also accepts a content token, and document the
CONTENT_TOKEN_TTL knob (default 6h) and its leak/revocation trade-off.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@@ -54,6 +54,14 @@ JWT_SECRET=change-me-to-a-random-32-byte-secret
JWT_ACCESS_TTL=15m
JWT_REFRESH_TTL=720h
# How long a content token is valid. It's a single-file capability the client
# puts in a media URL to open/stream an original by link (e.g. a long video in a
# new tab), so playback survives the short access-token expiry and session
# rotation. Longer = fewer interruptions but a wider window in which a leaked URL
# can read that one file; it can't be revoked before expiry. Keep it roughly as
# long as a viewing session lasts.
CONTENT_TOKEN_TTL=6h
# Reverse-proxy hops (comma-separated CIDRs/IPs) whose X-Forwarded-For is trusted,
# so the auth rate limiter sees real client IPs instead of the proxy's. The default
# covers loopback and the Docker bridge ranges a host nginx reaches the container
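Review bot: the new CONTENT_TOKEN_TTL comment says a content token "can't be revoked before expiry" but not what bounds its blast radius beyond the TTL, which is exactly what an operator weighing the leaked-URL trade-off needs: add one line stating whether the token is signed with JWT_SECRET (so that rotating the secret is the only emergency kill switch for a leaked URL) and whether it is tied to the issuing user or usable by anyone holding the URL. It would also help to say the value takes the same duration syntax as JWT_ACCESS_TTL=15m and JWT_REFRESH_TTL=720h above, e.g. "# Same duration syntax as the JWT_*_TTL values above.", since this is the first knob in the file whose comment does not show an example value in context.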