[2.0.x] Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS."

This reverts commit 95993a89ce. Backport of 67a6ba391b from master
2025-10-25 06:36:07 +00:00 · 2017-09-25 08:51:02 -04:00
parent d68744f6ad
commit e241b4e797
3 changed files with 3 additions and 11 deletions
--- a/django/contrib/auth/tokens.py
+++ b/django/contrib/auth/tokens.py
@@ -42,7 +42,7 @@ class PasswordResetTokenGenerator:
            return False

        # Check the timestamp is within limit
-        if (self._num_days(self._today()) - ts) >= settings.PASSWORD_RESET_TIMEOUT_DAYS:
+        if (self._num_days(self._today()) - ts) > settings.PASSWORD_RESET_TIMEOUT_DAYS:
            return False

        return True