Is there a way to generate a single use token for password recovery, without using a database?
This is because, I have an application that doesn't have a database, and doesn't store or has access to the login database. I use a Web Service to login the users, and store everything I need on a session. So there is no need for a database.
I can create a token, that will be available for a certain amount of time, but that doesn't mean it will not be used more than once.