#30423 closed New feature (wontfix)
Make PasswordResetTokenGenerator's timeout extendable.
Reported by: | Antoine Humeau | Owned by: | Antoine Humeau |
---|---|---|---|
Component: | Uncategorized | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Pull Requests: | |||
Change History (4)
comment:1 by , 6 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 6 years ago
Has patch: | set |
---|
comment:3 by , 6 years ago
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
Summary: | Make PasswordResetTokenGenerator's timeout extendable → Make PasswordResetTokenGenerator's timeout extendable. |
Version: | 2.2 → master |
Thanks for the ticket, however PasswordResetTokenGenerator
is not a universal token generator. I wouldn't use it for other tokens. You can use TimestampSigner
to create one time login links (see Cryptographic signing) or subclass PasswordResetTokenGenerator
(probably you should override also _make_hash_value()
).
Related with #19871.
comment:4 by , 5 years ago
The issue this PR tried to fix was the difficult to subclass PasswordResetTokenGenerator
with custom timeout to support the solution suggested by @felixxm.
Note:
See TracTickets
for help on using tickets.
Pull request: https://github.com/django/django/pull/11302