From 6602ee1d7f857e14590b0ca9242917041f1392b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Aguirre?= Date: Wed, 23 Feb 2011 18:30:51 -0200 Subject: [PATCH] Add support for session expiration. Closes gh-29 --- README.rst | 8 ++++++++ social_auth/backends/facebook.py | 3 ++- social_auth/models.py | 14 ++++++++++++++ social_auth/views.py | 4 ++++ 4 files changed, 28 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index b868f031..9c6ff126 100644 --- a/README.rst +++ b/README.rst @@ -198,6 +198,14 @@ Configuration Also more extra values will be stored if defined, details about this setting are listed below on OpenId and OAuth sections. + Session expiration time is an special value, it's recommended to define:: + + SOCIAL_AUTH_EXPIRATION = 'expires' + + to and use such setting name where expiration times are returned. View that + completes login process will set session expiration time to this value if + it's present. + - It's possible to override the used User model if needed:: SOCIAL_AUTH_USER_MODEL = 'myapp.CustomUser' diff --git a/social_auth/backends/facebook.py b/social_auth/backends/facebook.py index a8784e91..2c141450 100644 --- a/social_auth/backends/facebook.py +++ b/social_auth/backends/facebook.py @@ -26,13 +26,14 @@ FACEBOOK_AUTHORIZATION_URL = 'https://%s/oauth/authorize' % FACEBOOK_SERVER FACEBOOK_ACCESS_TOKEN_URL = 'https://%s/oauth/access_token' % FACEBOOK_SERVER FACEBOOK_CHECK_AUTH = 'https://%s/me' % FACEBOOK_SERVER +EXPIRES_NAME = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires') class FacebookBackend(OAuthBackend): """Facebook OAuth authentication backend""" name = 'facebook' # Default extra data to store - EXTRA_DATA = [('id', 'id'), ('expires', 'expires')] + EXTRA_DATA = [('id', 'id'), ('expires', EXPIRES_NAME)] def get_user_details(self, response): """Return user details from Facebook account""" diff --git a/social_auth/models.py b/social_auth/models.py index 749f0c5f..4a2c529e 100644 --- a/social_auth/models.py +++ b/social_auth/models.py @@ -1,5 +1,6 @@ """Social auth models""" import warnings +from datetime import timedelta from django.db import models from django.conf import settings @@ -48,6 +49,19 @@ def __unicode__(self): """Return associated user unicode representation""" return unicode(self.user) + def expiration_delta(self): + """Return saved session expiration seconds if any. Is retuned in + the form of a timedelta data type. None is returned if there's no + value stored or it's malformed. + """ + if self.extra_data: + name = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires') + try: + return timedelta(seconds=int(self.extra_data.get(name))) + except ValueError: + pass + return None + class Nonce(models.Model): """One use numbers""" diff --git a/social_auth/views.py b/social_auth/views.py index 93895880..3b2ac9fe 100644 --- a/social_auth/views.py +++ b/social_auth/views.py @@ -41,6 +41,10 @@ def complete_process(request, backend): if user and getattr(user, 'is_active', True): login(request, user) + # set session expiration date if present + social_user = user.social_auth.get(provider=backend.AUTH_BACKEND.name) + if social_user.expiration_delta(): + request.session.set_expiry(social_user.expiration_delta()) url = request.session.pop(REDIRECT_FIELD_NAME, '') or \ getattr(settings, 'LOGIN_REDIRECT_URL', '') else: