core: make generated token length configurable

closes #2574

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/core/models.py

@@ -62,7 +62,7 @@ def default_token_key():
     """Default token key"""
     # We use generate_id since the chars in the key should be easy
     # to use in Emails (for verification) and URLs (for recovery)
-    return generate_id(128)
+    return generate_id(int(CONFIG.y("default_token_length")))
 
 
 class Group(models.Model):

authentik/lib/default.yml

@@ -71,3 +71,4 @@ default_user_change_username: true
 
 gdpr_compliance: true
 cert_discovery_dir: /certs
+default_token_length: 128

website/docs/installation/configuration.md

@@ -179,6 +179,14 @@ Requires authentik 2021.12.1
 
 When enabled, all the events caused by a user will be deleted upon the user's deletion. Defaults to `true`.
 
+### AUTHENTIK_DEFAULT_TOKEN_LENGTH
+
+:::info
+Requires authentik 2022.4.1
+:::
+
+Configure the length of generated tokens. Defaults to 128.
+
 ### AUTHENTIK_FOOTER_LINKS
 
 :::info