-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expire one-time login links #1
Comments
I see that there is a --delay-delete now so this actually is already implemented and the issue can be closed. |
This issue is meant to only make the token valid for a specific period of time. |
Hi, I'm wondering if add an extra param to wp-cli --expiry=10, meaning that token will expire after 10 mins, independent of being used or not. It cam be achieved on function one_time_login_generate_tokens, using the same approach of delay-delete scheduling wp_schedule_single_event() for expiry time. |
@masakik Sure, I'd be open to a pull request for that! |
Currently, the one-time login link lasts for as long as the plugin is active. We should probably expire the link at some point.
The text was updated successfully, but these errors were encountered: