From 2aa7f6375a01625980278aee714bdc06002b0948 Mon Sep 17 00:00:00 2001
From: Tomi Turtiainen <10324676+tomi@users.noreply.github.com>
Date: Fri, 3 Nov 2023 13:32:08 +0200
Subject: [PATCH] fix(core): Decrease reset password token expire time (#7598)

Decrease the expiration time from 1 day to 20 minutes

Github issue / Community forum post (link here to close automatically):
---
 .../cli/src/UserManagement/email/templates/passwordReset.html   | 2 +-
 packages/cli/src/controllers/passwordReset.controller.ts        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/cli/src/UserManagement/email/templates/passwordReset.html b/packages/cli/src/UserManagement/email/templates/passwordReset.html
index e7f5bce5da..865072275e 100644
--- a/packages/cli/src/UserManagement/email/templates/passwordReset.html
+++ b/packages/cli/src/UserManagement/email/templates/passwordReset.html
@@ -1,5 +1,5 @@
 <p>Hi {{firstName}},</p>
 <p>Somebody asked to reset your password on n8n ({{ domain }}).</p>
 <br />
-<p>Click the following link to choose a new password. The link is valid for 2 hours.</p>
+<p>Click the following link to choose a new password. The link is valid for 20 minutes.</p>
 <a href="{{ passwordResetUrl }}">{{ passwordResetUrl }}</a>
diff --git a/packages/cli/src/controllers/passwordReset.controller.ts b/packages/cli/src/controllers/passwordReset.controller.ts
index b619e50f04..c8bf9ceeaa 100644
--- a/packages/cli/src/controllers/passwordReset.controller.ts
+++ b/packages/cli/src/controllers/passwordReset.controller.ts
@@ -120,7 +120,7 @@ export class PasswordResetController {
 		const resetPasswordToken = this.jwtService.signData(
 			{ sub: id },
 			{
-				expiresIn: '1d',
+				expiresIn: '20m',
 			},
 		);