Skip to content

Commit d502a7b

Browse files
committed
add configuration option to token expiration time
1 parent 77f783d commit d502a7b

File tree

2 files changed

+10
-3
lines changed

2 files changed

+10
-3
lines changed

src/BackpackServiceProvider.php

+5-3
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,10 @@ class BackpackServiceProvider extends ServiceProvider
3030

3131
// Indicates if loading of the provider is deferred.
3232
protected $defer = false;
33+
3334
// Where the route file lives, both inside the package and in the app (if overwritten).
3435
public $routeFilePath = '/routes/backpack/base.php';
36+
3537
// Where custom routes can be written, and will be registered by Backpack.
3638
public $customRoutesFilePath = '/routes/backpack/custom.php';
3739

@@ -40,7 +42,7 @@ class BackpackServiceProvider extends ServiceProvider
4042
*
4143
* @return void
4244
*/
43-
public function boot(\Illuminate\Routing\Router $router)
45+
public function boot(Router $router)
4446
{
4547
$this->loadViewsWithFallbacks();
4648
$this->loadTranslationsFrom(realpath(__DIR__.'/resources/lang'), 'backpack');
@@ -259,8 +261,8 @@ public function loadConfigs()
259261
'backpack' => [
260262
'provider' => 'backpack',
261263
'table' => 'password_resets',
262-
'expire' => 60,
263-
'throttle' => config('backpack.base.password_recovery_throttle_notifications'),
264+
'expire' => config('backpack.base.password_recovery_token_expiration', 60),
265+
'throttle' => config('backpack.base.password_recovery_throttle_notifications'),
264266
],
265267
];
266268

src/config/backpack/base.php

+5
Original file line numberDiff line numberDiff line change
@@ -236,6 +236,11 @@
236236
// password reset, before they can try again for the same email?
237237
'password_recovery_throttle_notifications' => 600, // time in seconds
238238

239+
// How much time should the token sent to user email be considered valid?
240+
// After this time expires, user need to request a new reset token
241+
// for the given email account.
242+
'password_recovery_token_expiration' => 60, // time in minutes
243+
239244
// Backpack will prevent an IP from trying to reset the password too many times,
240245
// so that a malicious actor cannot try too many emails, too see if they have
241246
// accounts or to increase the AWS/SendGrid/etc bill.

0 commit comments

Comments
 (0)