[12.x] Additional password reset token env vars #55408
Conversation
This adds optional environment variables to `config/auth.php` for the `passwords` entry, allowing token expiration and reset request throttling to be configured without publishing the config file.
gsinti
changed the title
| @@ -94,8 +94,8 @@ | |||
| 'users' => [ | |||
| 'provider' => 'users', | |||
| 'table' => env('AUTH_PASSWORD_RESET_TOKEN_TABLE', 'password_reset_tokens'), | |||
| 'expire' => 60, | |||
| 'throttle' => 60, | |||
| 'expire' => (int) env('AUTH_PASSWORD_RESET_TOKEN_EXPIRE', 60), | |||
There was a problem hiding this comment.
Why do we need to set or change these values through env variables?
There was a problem hiding this comment.
Same reason we allow the table to be set through an environment variable.
With Laravel 11.x, new projects don't start with the majority of config files published in order to reduce boilerplate.
This change allows the expiration and throttle to be configured without publishing the entire auth.php file or needing to add the passwords section at all (if already published).
|
Thanks for your pull request to Laravel! Unfortunately, I'm going to delay merging this code for now. To preserve our ability to adequately maintain the framework, we need to be very careful regarding the amount of code we include. If applicable, please consider releasing your code as a package so that the community can still take advantage of your contributions! |
|
@taylorotwell: Thanks for your comment. This is following the slim skeleton release introduced in #47309.
If I want to change the throttle or expiry, I must now publish the entire Is that the intended process? |
This adds optional environment variables to
config/auth.phpfor thepasswordsentry, allowing token expiration and reset request throttling to be configured without publishing the config file.