spec/dummy/config/initializers/authenticate.rb in authenticate-0.2.0 vs spec/dummy/config/initializers/authenticate.rb in authenticate-0.2.1
- old
+ new
@@ -4,11 +4,12 @@
# config.cookie_expiration = { 1.month.from_now.utc }
# config.cookie_domain = nil
# config.cookie_path = '/'
# config.secure_cookie = false # set to true in production https environments
# config.http_only = false # set to true if you can
- # config.timeout_in = 45.minutes
- # config.max_session_lifetime = 8.hours
+ config.timeout_in = 45.minutes
+ config.max_session_lifetime = 5.minutes
config.max_consecutive_bad_logins_allowed = 1
config.bad_login_lockout_period = 2.minutes
+ config.reset_password_within = 5.minutes
# config.authentication_strategy = :email
end