Rotate password reset tokens after successful password reset

stevepolitodesign / rails-authentication-from-scratch

A step-by-step guide on how to build your own authentication system in Rails from scratch.

222 stars 32 forks source link

Closed stevepolitodesign closed 2 years ago

stevepolitodesign commented 2 years ago

This ensures the token cannot be used again. We have an expiration on this value, but doing a reset is more secure.