Generated api token not valid after some hours

[smart-clouds-09]

The tokens, which are generated with create_token.sh are not valid anymore after a time, in my case some hours.
I have been using the token for papermerge-cli to import docs. After a time papermerge-cli throws :

/usr/local/lib/python3.10/site-packages/pydantic/_migration.py:283: UserWarning: pydantic.generics:GenericModel has been moved to pydantic.BaseModel.
warnings.warn(f'{import_path} has been moved to {new_location}.')
Unauthorized

Is a new token generated, it works for a while

Info:

• Papermerge Version 3.0.3

[ciur]

Default expiration time for the token is 360 minutes (i.e. 6 hours). If you want to change that use PAPERMERGE__SECURITY__TOKEN_EXPIRE_MINUTES settings. I forgot to add that to docs. I will mark this ticket as documentation issue and update documentation accordingly.

[smart-clouds-09]

thanks, is there a value for unexpired ?

[ciur]

I've updated documentation.

Is there a value for unexpired

No. Just set it to big enough value. E.g. 525600 (60x24x365) is the number of minutes in a year.

[smart-clouds-09]

meanwhile I have written a script, which updates the token after a few minutes. Thank for updating the docs

[WolfgangFahl]

Please reopen the issue and change the default to at least 1 year.
https://docs.papermerge.io/3.0/rest-api/token/ is also hard to find - this should be part of describing the API

[WolfgangFahl]

thx i am using

# Token expiration time in minutes. Here, it's set to 2 years (1051200 minutes).
# Adjust as necessary for your security requirements.
PAPERMERGE__SECURITY__TOKEN_EXPIRE_MINUTES=1051200

as a workaround in the papermerge script at https://github.com/WolfgangFahl/scan2wiki/blob/main/scripts/papermerge

see also https://wiki.bitplan.com/index.php/Papermerge#Exploring_the_environment_variables