Hello. I am using Django’s built in reset password views in order to reset a users password. I want the link to become invalid/expire after 3 minutes. There is a property PASSWORD_RESET_TIMEOUT_DAYS which makes the link invalid after a certain number of days.
Can you enter a non-integer field here to represent 2 minutes, or is there an alternative method/attribute for implementing this functionality. Thanks.
Actually, according to ticket 28622, it’s just recently been merged! See https://code.djangoproject.com/ticket/28622?cversion=0&cnum_hist=3
@KenWhitesell Hi I have just tried the new property to accomplish this, however nothing changes. I think that it is going to be implemented in Django 3.1 release, as it currently is not working.
I’m sorry, I didn’t mean to imply that it’s part of the standard packages yet, just that it’s on its way.
If you really needed to implement it now, you could look at the new code and create the necessary classes to implement that functionality within your own project. (You’d probably need to implement new subclassses for PasswordResetView, PasswordResetConfirmView to use your new token, and a modified PasswordResetTokenGenerator. Maybe others.)