In my application, user's will have their accounts created for them by other people, so I want to send a password reset email to them so they can set their password and log in. The problem is I don't want these links to expire after 60 minutes like the default password reset emails. Now I could change the expiry time, but I want regular password resets to stay at 60 minutes, but the welcome email link to either never expire or expire after some long amount of time.
How can I go about doing this without implementing a second token system, I can't seem to find anything about this.
I suppose I could also just allow the user to re-send the welcome email if their token expires, but that is kind of annoying.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire