Reset-password token expiration?

Hi everyone!

I am implementing the ‘reset-password’ functionality in Strapi, and I cannot find any information on whether Strapi provides an expiration time for the reset password token. I looked it up in the built-in auth controller that Strapi provides, and it seems like there is no check on this. Can someone guide me on how to change this and add a reasonable expiration time to this token? Is there a simple way?

Thanks! :smile:

This topic has been created from a Discord post (1250075773629366363) to give it more visibility.
It will be on Read-Only mode here.
Join the conversation on Discord