Description
The current password reset implementation stores the reset token in plain text and does not enforce an expiration time.
This presents potential security risks:
- Token misuse if the database is compromised
- Unlimited validity of reset tokens
- Increased attack surface for replay attacks
The reset token mechanism should be improved to follow secure production standards.
Proposed Solution
- Hash the password reset token before storing it in the database
- Store only the hashed version
- Add a passwordResetExpires field to enforce token expiration (e.g., 15–30 minutes)
- Validate:
  - Token matches hashed value
  - Token is not expired
- Clear token and expiry after successful password reset
Acceptance Criteria