Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

E-mail confirmation token shouldn't expire #448

Closed
DavidMStraub opened this issue Nov 5, 2023 · 1 comment
Closed

E-mail confirmation token shouldn't expire #448

DavidMStraub opened this issue Nov 5, 2023 · 1 comment
Labels
bug Something isn't working

Comments

@DavidMStraub
Copy link
Member

Currently, the e-mail confirmation token expires after one hour. That doesn't make much sense because often those e-mails land in the junk folder. If the new user doesn't manage to click the link within one hour, their account is blocked until the admin manually confirms it, because they can't confirm anymore.

Alternatively, we need an endpoint to trigger a new confirmation e-mail. But I don't see a security risk in simply not expiring the token.
@DavidMStraub DavidMStraub added the bug Something isn't working label Nov 5, 2023
@DavidMStraub DavidMStraub mentioned this issue Nov 5, 2023
Merged
@DavidMStraub
Copy link
Member Author

Fixed by #450.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DavidMStraub