So I already know that the default Time of Validation for the password reset link is 3 days, .
from – https://docs.djangoproject.com/en/4.0/ref/settings/#password-reset-timeout
but what happen if i send 3-4 mails for reset password,i use only one of them – what about the another links ?
as i say i sent 3-4 mails so i have 3-4 links.
If I used one link will the rest of the links no longer be valid?
someone know how its work ?
>Solution :
There is a great article on how the reset password mechanism works: https://www.sjoerdlangkemper.nl/2016/04/07/djangos-reset-password-mechanism/
As the token consists of:
- user ID
- password
- time of last login
- current date
any previously sent link becomes invalid if the user will change the password or remember the credentials and logs in.