设置django密码重置令牌的到期时间

时间:2021-06-12 20:29:02

I am using the inbuilt password reset functionality of Django which emails the user the password reset link. Is there an option in Django to set an expiration time to the link suppose 6 hours after which the link become invalid and user will have to request again for password recovery.

我正在使用Django的内置密码重置功能,它通过电子邮件向用户发送密码重置链接。 Django中是否有一个选项可以设置链接的到期时间,假设链接失效6小时后,用户必须再次请求密码恢复。

1 个解决方案

#1


23  

If you're using Django's built-in password reset functionality, you can use the setting PASSWORD_RESET_TIMEOUT_DAYS.

如果您正在使用Django的内置密码重置功能,则可以使用PASSWORD_RESET_TIMEOUT_DAYS设置。

Example: if a user uses a password reset link that was generated 2 days ago and you have PASSWORD_RESET_TIMEOUT_DAYS=1 in your project's settings, the link will be invalid and the user cannot continue.

示例:如果用户使用2天前生成的密码重置链接,并且项目设置中的PASSWORD_RESET_TIMEOUT_DAYS = 1,则链接将无效,用户无法继续。

More info here: https://docs.djangoproject.com/en/1.11/ref/settings/#password-reset-timeout-days

更多信息:https://docs.djangoproject.com/en/1.11/ref/settings/#password-reset-timeout-days

#1


23  

If you're using Django's built-in password reset functionality, you can use the setting PASSWORD_RESET_TIMEOUT_DAYS.

如果您正在使用Django的内置密码重置功能,则可以使用PASSWORD_RESET_TIMEOUT_DAYS设置。

Example: if a user uses a password reset link that was generated 2 days ago and you have PASSWORD_RESET_TIMEOUT_DAYS=1 in your project's settings, the link will be invalid and the user cannot continue.

示例:如果用户使用2天前生成的密码重置链接,并且项目设置中的PASSWORD_RESET_TIMEOUT_DAYS = 1,则链接将无效,用户无法继续。

More info here: https://docs.djangoproject.com/en/1.11/ref/settings/#password-reset-timeout-days

更多信息:https://docs.djangoproject.com/en/1.11/ref/settings/#password-reset-timeout-days