Noticed that a one-time login link that was sent didn't expire when it said it would. I've checked the time set on my server - and it's correct.

I'm not sure if this should be reported to drupal core (user.module) or whether it's dependant on specific functionality in Aegir. Any advice appreciated.

Comments

dman’s picture

dman commented

Quick check - have you got cron running correctly?

lukus’s picture

lukus
he/him
commented

Yes, it's being called both on Aegir and my managed sites.

adrian’s picture

adrian commented

we call the API function without any weirdness, and it has no parameters that can alter the length of the timeout :
http://api.drupal.org/api/function/user_pass_reset_url/6

adrian’s picture

adrian commented
Status: Active » Closed (works as designed)

Checked it out. and it's not our issue.

all we do is call the drupal functions (which do the necessary hashes). There's no way for us to even specify a timeout for instance.
It's hardcoded.

we arent in charge of the resetting of it, and that stuff isn't even related to the db in any way.

read through http://api.drupal.org/api/function/user_pass_reset/6 to get a better understanding of what it does.

lukus’s picture

lukus
he/him
commented

Thanks for the reply adrian, I'll see if I can replicate it .. maybe it was a problem with my system.

lukus’s picture

lukus
he/him
commented
Status: Closed (works as designed) » Closed (fixed)