diff --git a/models/bots/task.go b/models/bots/task.go
index c8f1865d99..a2cb93ca3b 100644
--- a/models/bots/task.go
+++ b/models/bots/task.go
@@ -7,6 +7,7 @@ package bots
 import (
 	"bytes"
 	"context"
+	"crypto/subtle"
 	"encoding/binary"
 	"errors"
 	"fmt"
@@ -266,7 +267,7 @@ func GetTaskByToken(ctx context.Context, token string) (*Task, error) {
 
 	for _, t := range tasks {
 		tempHash := auth_model.HashToken(token, t.TokenSalt)
-		if t.TokenHash == tempHash {
+		if subtle.ConstantTimeCompare([]byte(t.TokenHash), []byte(tempHash)) == 1 {
 			if successfulTokenTaskCache != nil {
 				successfulTokenTaskCache.Add(token, t.ID)
 			}