ASP.NET Identity: Add ability to have different token lifespan for different purposes
We're generating tokens for password resets and user invites/registration using the GeneratePasswordResetTokenAsync() and GenerateUserTokenAsync() methods exposed by the UserManager class, respectively. We'd like to be able to have a different lifespan for each of those token types (e.g. 20 minutes for password resets and 1 week for user invites/registration). However, the DataProtectorTokenProvider class only has a single TokenLifespan that is used for all purposes.
This looks like a great suggestion. Thanks for cross posting to https://aspnetidentity.codeplex.com/workitem/2228 We will consider this in our next release
Chris Staley commented
This has been cross-posted to CodePlex: https://aspnetidentity.codeplex.com/workitem/2228