Add support for session expiration. Closes omabgh-29

wyleung · Feb 23, 2011 · 6602ee1 · 6602ee1
1 parent fbc8dbb
commit 6602ee1
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 1 deletion.
diff --git a/README.rst b/README.rst
@@ -198,6 +198,14 @@ Configuration
   Also more extra values will be stored if defined, details about this setting
   are listed below on OpenId and OAuth sections.
 
+  Session expiration time is an special value, it's recommended to define::
+
+    SOCIAL_AUTH_EXPIRATION = 'expires'
+
+  to and use such setting name where expiration times are returned. View that
+  completes login process will set session expiration time to this value if
+  it's present.
+
 - It's possible to override the used User model if needed::
 
     SOCIAL_AUTH_USER_MODEL = 'myapp.CustomUser'

diff --git a/social_auth/backends/facebook.py b/social_auth/backends/facebook.py
@@ -26,13 +26,14 @@
 FACEBOOK_AUTHORIZATION_URL = 'https://%s/oauth/authorize' % FACEBOOK_SERVER
 FACEBOOK_ACCESS_TOKEN_URL = 'https://%s/oauth/access_token' % FACEBOOK_SERVER
 FACEBOOK_CHECK_AUTH = 'https://%s/me' % FACEBOOK_SERVER
+EXPIRES_NAME = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires')
 
 
 class FacebookBackend(OAuthBackend):
     """Facebook OAuth authentication backend"""
     name = 'facebook'
     # Default extra data to store
-    EXTRA_DATA = [('id', 'id'), ('expires', 'expires')]
+    EXTRA_DATA = [('id', 'id'), ('expires', EXPIRES_NAME)]
 
     def get_user_details(self, response):
         """Return user details from Facebook account"""

diff --git a/social_auth/models.py b/social_auth/models.py
@@ -1,5 +1,6 @@
 """Social auth models"""
 import warnings
+from datetime import timedelta
 
 from django.db import models
 from django.conf import settings
@@ -48,6 +49,19 @@ def __unicode__(self):
         """Return associated user unicode representation"""
         return unicode(self.user)
 
+    def expiration_delta(self):
+        """Return saved session expiration seconds if any. Is retuned in
+        the form of a timedelta data type. None is returned if there's no
+        value stored or it's malformed.
+        """
+        if self.extra_data:
+            name = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires')
+            try:
+                return timedelta(seconds=int(self.extra_data.get(name)))
+            except ValueError:
+                pass
+        return None
+
 
 class Nonce(models.Model):
     """One use numbers"""

diff --git a/social_auth/views.py b/social_auth/views.py
@@ -41,6 +41,10 @@ def complete_process(request, backend):
 
     if user and getattr(user, 'is_active', True):
         login(request, user)
+        # set session expiration date if present
+        social_user = user.social_auth.get(provider=backend.AUTH_BACKEND.name)
+        if social_user.expiration_delta():
+            request.session.set_expiry(social_user.expiration_delta())
         url = request.session.pop(REDIRECT_FIELD_NAME, '') or \
               getattr(settings, 'LOGIN_REDIRECT_URL', '')
     else: