From a2336c5de836267a4e88961422fc3f26cedab47e Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Thu, 18 Feb 2016 21:41:50 +0100
Subject: we now specify the validity period of the activation link.

---
 src/web/lib/user_utils.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/web/lib/user_utils.py')

diff --git a/src/web/lib/user_utils.py b/src/web/lib/user_utils.py
index d5c3da22..dfeb8dfa 100644
--- a/src/web/lib/user_utils.py
+++ b/src/web/lib/user_utils.py
@@ -1,7 +1,7 @@
 
 
 from itsdangerous import URLSafeTimedSerializer
-
+import conf
 from bootstrap import application
 
 
@@ -10,13 +10,13 @@ def generate_confirmation_token(email):
     return serializer.dumps(email, salt=application.config['SECURITY_PASSWORD_SALT'])
 
 
-def confirm_token(token, expiration=3600):
+def confirm_token(token):
     serializer = URLSafeTimedSerializer(application.config['SECRET_KEY'])
     try:
         email = serializer.loads(
             token,
             salt=application.config['SECURITY_PASSWORD_SALT'],
-            max_age=expiration
+            max_age=conf.TOKEN_VALIDITY_PERIOD
         )
     except:
         return False
-- 
cgit