Set the expiry time on a verify code (2fa) to 10 minutes.

When the verify code is wrong or expired increment the failed to login count for the user. When the verify code is successfully used reset the failed login count to 0.
2026-02-02 17:31:14 -05:00 · 2017-02-14 14:04:11 +00:00
parent b2267ae5fc
commit 5f48367ee5
3 changed files with 148 additions and 182 deletions
--- a/app/dao/users_dao.py
+++ b/app/dao/users_dao.py
@@ -35,7 +35,7 @@ def save_model_user(usr, update_dict={}, pwd=None):

 def create_user_code(user, code, code_type):
    verify_code = VerifyCode(code_type=code_type,
-                             expiry_datetime=datetime.utcnow() + timedelta(hours=1),
+                             expiry_datetime=datetime.utcnow() + timedelta(minutes=30),
                             user=user)
    verify_code.code = code
    db.session.add(verify_code)