Skip to content

Configuration

Mojito exposes the following settings that can be configured in code or through environment variables.

API

To access the config through code you can import the config and modify any of the keys: 

from mojito.config import Config

Config

Attributes:

Name Type Description
LOGIN_URL str

Defaults to /login
MESSAGE_FLASH_COOKIE str

Name of the cookie message flash data will be stored to.
SECRET_KEY str

Secret key used to encrypt sensitive data.
SUPERUSER_PERMISSION_NAME Optional[str]

The name of the superuser permission.
USER_SESSION_COOKIE str

Name of the user session cookie.
USER_SESSION_EXPIRES int

In seconds. How long the session cookie should be allowed to exist before being replaced.
USER_SESSION_REVALIDATE_AFTER int

In seconds. How long the session cookie should be considered valid before running revalidation
Source code in mojito/config.py 
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
class Config:
    SECRET_KEY: str = os.getenv("SECRET_KEY", "")
    """Secret key used to encrypt sensitive data.

    Defaults to empty string.
    """
    MESSAGE_FLASH_COOKIE: str = os.getenv("MESSAGE_FLASH_COOKIE", "mo_flash_messages")
    """Name of the cookie message flash data will be stored to.

    Defaults to `mo_flash_messages`
    """
    LOGIN_URL: str = os.getenv("LOGIN_URL", "/login")
    "Defaults to `/login`"
    USER_SESSION_COOKIE: str = os.getenv("USER_SESSION_COOKIE", "mo_user_session")
    """Name of the user session cookie.

    Defaults to `mo_user_session`
    """
    USER_SESSION_EXPIRES: int = int(os.getenv("USER_SESSION_EXPIRES", 60 * 60 * 24 * 7))
    """In seconds. How long the session cookie should be allowed to exist before being replaced.

    Defaults to 1 week.
    """
    USER_SESSION_REVALIDATE_AFTER: int = int(
        os.getenv("USER_SESSION_REVALIDATE_AFTER", 0)
    )
    """In seconds. How long the session cookie should be considered valid before running revalidation
    on the users authentication. Within this time, as long as the cookie signature is
    valid, the user will be considered authenticated and all the cookie data will be used.

    Defaults to 0, revalidate on every request.
    """
    SUPERUSER_PERMISSION_NAME: Optional[str] = os.getenv("SUPERUSER_PERMISSION_NAME")
    """The name of the superuser permission.

    When present in the Request.user.permissions, this role will bypass any permission (authorization) 
    requirements defined for a route function. This permission does not bypass authentication.
    """

LOGIN_URL: str = os.getenv('LOGIN_URL', '/login') class-attribute instance-attribute

Defaults to /login

Name of the cookie message flash data will be stored to.

Defaults to mo_flash_messages

SECRET_KEY: str = os.getenv('SECRET_KEY', '') class-attribute instance-attribute

Secret key used to encrypt sensitive data.

Defaults to empty string.

SUPERUSER_PERMISSION_NAME: Optional[str] = os.getenv('SUPERUSER_PERMISSION_NAME') class-attribute instance-attribute

The name of the superuser permission.

When present in the Request.user.permissions, this role will bypass any permission (authorization) requirements defined for a route function. This permission does not bypass authentication.

Name of the user session cookie.

Defaults to mo_user_session

USER_SESSION_EXPIRES: int = int(os.getenv('USER_SESSION_EXPIRES', 60 * 60 * 24 * 7)) class-attribute instance-attribute

In seconds. How long the session cookie should be allowed to exist before being replaced.

Defaults to 1 week.

USER_SESSION_REVALIDATE_AFTER: int = int(os.getenv('USER_SESSION_REVALIDATE_AFTER', 0)) class-attribute instance-attribute

In seconds. How long the session cookie should be considered valid before running revalidation on the users authentication. Within this time, as long as the cookie signature is valid, the user will be considered authenticated and all the cookie data will be used.

Defaults to 0, revalidate on every request.