* #1928 Add a sentence indicating the reset time limit on form and email
* #1928 Customizable password reset lifetime
* #1928 Add a route to verify reset link and call it on reset form init
* Revert "#1928 Customizable password reset lifetime"
This reverts commit
0ed97453f8e64e31a723cc6740b251a69a57d658.
* #1928 Reset password lifetime hardcoded to one hour
* Remove useless modifications for #1928
.subscribe(
() => {
const message = this.i18n(
- 'An email with the reset password instructions will be sent to {{email}}.',
+ 'An email with the reset password instructions will be sent to {{email}}. The link will expire within 1 hour.',
{ email: this.forgotPasswordEmail }
)
this.notifier.success(message)
// Password encryption
const BCRYPT_SALT_SIZE = 10
-const USER_PASSWORD_RESET_LIFETIME = 60000 * 5 // 5 minutes
+const USER_PASSWORD_RESET_LIFETIME = 60000 * 60 // 60 minutes
const USER_EMAIL_VERIFY_LIFETIME = 60000 * 60 // 60 minutes
addPasswordResetEmailJob (to: string, resetPasswordUrl: string) {
const text = `Hi dear user,\n\n` +
`A reset password procedure for your account ${to} has been requested on ${WEBSERVER.HOST} ` +
- `Please follow this link to reset it: ${resetPasswordUrl}\n\n` +
+ `Please follow this link to reset it: ${resetPasswordUrl} (the link will expire within 1 hour)\n\n` +
`If you are not the person who initiated this request, please ignore this email.\n\n` +
`Cheers,\n` +
`${CONFIG.EMAIL.BODY.SIGNATURE}`
projects / oweals / peertube.git / commitdiff