diff --git a/app/models/gestionnaire.rb b/app/models/gestionnaire.rb
index dab20d0ac..9b6a8ece8 100644
--- a/app/models/gestionnaire.rb
+++ b/app/models/gestionnaire.rb
@@ -3,6 +3,8 @@ class Gestionnaire < ApplicationRecord
 include EmailSanitizableConcern
 include ActiveRecord::SecureToken
+ LOGIN_TOKEN_VALIDITY = 30.minutes
+
 devise :database_authenticatable, :registerable, :async, :recoverable, :rememberable, :trackable, :validatable
@@ -141,7 +143,7 @@ class Gestionnaire < ApplicationRecord
 def login_token_valid?(login_token)
 BCrypt::Password.new(encrypted_login_token) == login_token &&
- 30.minutes.ago < login_token_created_at
+ LOGIN_TOKEN_VALIDITY.ago < login_token_created_at
 rescue BCrypt::Errors::InvalidHash
 false
 end
diff --git a/spec/models/gestionnaire_spec.rb b/spec/models/gestionnaire_spec.rb
index b16eda588..adf65f7b6 100644
--- a/spec/models/gestionnaire_spec.rb
+++ b/spec/models/gestionnaire_spec.rb
@@ -401,7 +401,7 @@ describe Gestionnaire, type: :model do
 it { expect(gestionnaire.login_token_valid?('bad_token')).to be false }
 context 'when the token as expired' do
- before { gestionnaire.update(login_token_created_at: 31.minutes.ago) }
+ before { gestionnaire.update(login_token_created_at: (Gestionnaire::LOGIN_TOKEN_VALIDITY + 1.minute).ago) }
 it { expect(gestionnaire.login_token_valid?(good_token)).to be false }
 end
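Review bot: `LOGIN_TOKEN_VALIDITY` in the first hunk of app/models/gestionnaire.rb is introduced without a comment, although it sets how long a login token is accepted. A line above it such as `# Maximum age of a login token, measured from login_token_created_at (see login_token_valid?).` would tell the next reader that changing the value changes the authentication window. If any user-facing text states the token lifetime, it should presumably read this constant as well so the two cannot drift; none is visible in this diff.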
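Review bot: In `login_token_valid?` (second hunk of app/models/gestionnaire.rb) the expiry comparison `LOGIN_TOKEN_VALIDITY.ago < login_token_created_at` is covered only by `rescue BCrypt::Errors::InvalidHash`. A record that has a token hash but a nil `login_token_created_at` would therefore presumably raise on the comparison instead of returning false. Making the check fail closed, e.g. `login_token_created_at.present? && LOGIN_TOKEN_VALIDITY.ago < login_token_created_at`, removes that dependency. Placing this cheap time check ahead of the BCrypt comparison would also skip the hashing cost for tokens that are already expired. Whether the two columns are always written together is not visible in this hunk.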
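Review bot: The expired-token context in spec/models/gestionnaire_spec.rb probes only one minute past the window, and nothing visible in this hunk pins the other side of the boundary. A companion context with `before { gestionnaire.update(login_token_created_at: (Gestionnaire::LOGIN_TOKEN_VALIDITY - 1.minute).ago) }` and `it { expect(gestionnaire.login_token_valid?(good_token)).to be true }` would catch an inverted comparison or an accidental change of the window. The context description 'when the token as expired' also reads as a typo for 'has expired'. The describe block extends outside the hunk, so such a case may already exist elsewhere in the file.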