Is there an Expiration on the Confirm Email Link, Password Reset Link, or 2 Factor Code? #2583 | Support

balessi75 created 2 years ago

Abp Commercial 5.1.3 / EF / Non-Tiered / Blazor Server

Is there an expiration on the confirm email link, password reset link, or 2 factor code in Abp? If so what is it's default expiration time and how can it be changed and or implemented (if not provided by Abp)?

2 Answer(s)

0

maliming created 2 years ago
Support Team Fullstack Developer

hi

For 6-digit codes it is valid for 3 minutes, others default to 1 day, of course you can configure it. This belongs to ASP NET Core Identity.

https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/Rfc6238AuthenticationService.cs#L16

https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.identity.dataprotectiontokenprovideroptions.tokenlifespan?view=aspnetcore-6.0#microsoft-aspnetcore-identity-dataprotectiontokenprovideroptions-tokenlifespan
0

balessi75 created 2 years ago

hi

For 6-digit codes it is valid for 3 minutes, others default to 1 day, of course you can configure it. This belongs to ASP NET Core Identity.

https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/Rfc6238AuthenticationService.cs#L16

https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.identity.dataprotectiontokenprovideroptions.tokenlifespan?view=aspnetcore-6.0#microsoft-aspnetcore-identity-dataprotectiontokenprovideroptions-tokenlifespan

Excellent! Thank you @maliming!

Have an answer to this question? Log in and write your answer.