Reputation: 3161
Django expiring "password reset" model
Let's say my website will have a "reset password" button for when the user forgets his password, it will generate a link with a hash based on url_token field from Password_Reset_Token and email it to the user.
If the user access the url, the view can then reset his password and delete the Password_Reset_Token object.
But what if it expires and the link isn't accessed? Is there a way to add a daily task to clean expired objects?
Or is there a more clever way to do this?
Worth nothing that my application is entirely AJAX based and has no url redirecting
class Password_Reset_Token(models.Model):
url_token = models.AutoField(primary_key = True)
created_date = models.DateTimeField(auto_now_add=True)
user = models.OneToOneField(User, on_delete=models.CASCADE)
expiringdays = models.IntegerField(default = 12)
Upvotes: 0
Views: 424
Answers (1)
Reputation: 4366
I would recommend creating a custom command that purges expired records. Run that periodically or via an automated process such as cron.
Upvotes: 2
Related Questions
- setting expiration time to django password reset token
- Django force password expiration
- Can PASSWORD_RESET_TIMEOUT_DAYS in Django be set to .5 days or hours?
- Django password reset function view
- Django Password Reset
- How to expire password reset token after password changed?
- Resetting Password in Django
- Django password reset function
- Django password reset form
- Django. How to expire all user passwords?