LFS: make HTTP auth period configurable (#4035)

* LFS: make HTTP auth period configurable

* Formatting: Removed semicolon

Due to automated fmt-check failure (drone.gitea.io)

* applying code reviews

* Applied code review comment: Change HTTPAuthExpiry to time.Duration

* Updated config cheat sheet

modules/setting/setting.go

@@ -136,10 +136,11 @@ var (
 	}
 
 	LFS struct {
-		StartServer     bool   `ini:"LFS_START_SERVER"`
-		ContentPath     string `ini:"LFS_CONTENT_PATH"`
-		JWTSecretBase64 string `ini:"LFS_JWT_SECRET"`
-		JWTSecretBytes  []byte `ini:"-"`
+		StartServer     bool          `ini:"LFS_START_SERVER"`
+		ContentPath     string        `ini:"LFS_CONTENT_PATH"`
+		JWTSecretBase64 string        `ini:"LFS_JWT_SECRET"`
+		JWTSecretBytes  []byte        `ini:"-"`
+		HTTPAuthExpiry  time.Duration `ini:"LFS_HTTP_AUTH_EXPIRY"`
 	}
 
 	// Security settings
@@ -828,6 +829,9 @@ func NewContext() {
 		LFS.ContentPath = filepath.Join(AppWorkPath, LFS.ContentPath)
 	}
 
+	sec = Cfg.Section("LFS")
+	LFS.HTTPAuthExpiry = sec.Key("LFS_HTTP_AUTH_EXPIRY").MustDuration(20 * time.Minute)
+
 	if LFS.StartServer {
 
 		if err := os.MkdirAll(LFS.ContentPath, 0700); err != nil {