From fe1dfcf1b405e78bcd789e120138fbcc673e5903 Mon Sep 17 00:00:00 2001
From: Marius Gavrilescu <marius@ieval.ro>
Date: Sun, 1 Mar 2015 14:07:00 +0200
Subject: [PATCH] Reduce default reset token validity to 1 hour

---
 lib/Plack/Middleware/Auth/Complex.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/Plack/Middleware/Auth/Complex.pm b/lib/Plack/Middleware/Auth/Complex.pm
index 4efd0ec..e272f18 100644
--- a/lib/Plack/Middleware/Auth/Complex.pm
+++ b/lib/Plack/Middleware/Auth/Complex.pm
@@ -29,7 +29,7 @@ sub default_opts {(
 	realm             => 'restricted area',
 	cache_fail        => 0,
 	cache_max_age     => 5 * 60,
-	token_max_age     => 60 * 60 * 24,
+	token_max_age     => 60 * 60,
 	username_regex    => qr/^\w{2,20}$/a,
 	register_url      => '/action/register',
 	passwd_url        => '/action/passwd',
@@ -379,7 +379,7 @@ to 5 minutes.
 
 =item token_max_age
 
-Password reset token validity, in seconds. Defaults to 24 hours.
+Password reset token validity, in seconds. Defaults to 1 hour.
 
 =item username_regex
 
-- 
2.30.2