From 226ebb17290b604ef29e82fb5c1fbac3594ac163 Mon Sep 17 00:00:00 2001 From: Hasan Ramezani Date: Fri, 23 Aug 2019 17:14:07 +0200 Subject: Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. --- docs/ref/settings.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'docs/ref') diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index a517a72f2f..fe103162ef 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -2872,6 +2872,19 @@ doesn't have a ``next_page`` attribute. If ``None``, no redirect will be performed and the logout view will be rendered. +.. setting:: PASSWORD_RESET_TIMEOUT + +``PASSWORD_RESET_TIMEOUT`` +-------------------------- + +.. versionadded:: 3.1 + +Default: ``259200`` (3 days, in seconds) + +The minimum number of seconds a password reset link is valid for. + +Used by the :class:`~django.contrib.auth.views.PasswordResetConfirmView`. + .. setting:: PASSWORD_RESET_TIMEOUT_DAYS ``PASSWORD_RESET_TIMEOUT_DAYS`` @@ -2884,6 +2897,10 @@ when the link is generated, it will be valid for up to a day longer. Used by the :class:`~django.contrib.auth.views.PasswordResetConfirmView`. +.. deprecated:: 3.1 + + This setting is deprecated. Use :setting:`PASSWORD_RESET_TIMEOUT` instead. + .. setting:: PASSWORD_HASHERS ``PASSWORD_HASHERS`` -- cgit v1.3