Mercurial > prosody-modules
view mod_net_dovecotauth/README.markdown @ 5617:d8622797e315
mod_http_oauth2: Shorten default token validity periods
With refresh tokens, short lifetime for access tokens is not a problem.
The arbitrary choice of one hour seems reasonable. RFC 6749 has it as
example value.
One week for refresh tokens matching the default archive retention
period. This means that a client that remains unused for one week will
have to sign in again. An actively used client will continually push
that forward with each used refresh token.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 24 Jul 2023 01:30:14 +0200 |
| parents | 88474dd1af48 |
| children |
line wrap: on
line source
--- labels: ... Introduction ============ mod\_net\_dovecotauth is a server implementation of the Dovecot authentication protocol. It allows you to authenticate e.g. Postfix against your Prosody installation. Due to missing support for virtal hosts in this protocol, only one host can be supported. Configuration ============= Install and add to modules\_enabled like any other module. dovecotauth_host = "example.com" -- Must be a defined VirtualHost Compatibility ============= Works with 0.9