From 4b2c8ba204682f2c8bde229d9f6ff1350f8bc64e Mon Sep 17 00:00:00 2001
From: tech <cto@sb>
Date: Sun, 15 Jun 2025 20:10:27 +0800
Subject: [PATCH] [Bug] fix misusing ACCESS_TOKEN_EXPIRE_MINUTES in jwt on exp

---
 api/controllers/web/passport.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/controllers/web/passport.py b/api/controllers/web/passport.py
index 9d229185f3..10c3cdcf0e 100644
--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@@ -163,7 +163,7 @@ def exchange_token_for_existing_web_user(app_code: str, enterprise_user_decoded:
         )
         db.session.add(end_user)
         db.session.commit()
-    exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24)
+    exp_dt = datetime.now(UTC) + timedelta(minutes=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES)
     exp = int(exp_dt.timestamp())
     payload = {
         "iss": site.id,