Add support for session expiration. Closes gh-29

diff --git a/README.rst b/README.rst
index b868f031863bd458096d527be4cfbed57ca5b674..9c6ff126c5dc3177db806fc8480fa01e5908aca4 100644 (file)
--- a/README.rst
+++ b/README.rst
@@ -198,6 +198,14 @@ Configuration
   Also more extra values will be stored if defined, details about this setting
   are listed below on OpenId and OAuth sections.
 
+  Session expiration time is an special value, it's recommended to define::
+
+    SOCIAL_AUTH_EXPIRATION = 'expires'
+
+  to and use such setting name where expiration times are returned. View that
+  completes login process will set session expiration time to this value if
+  it's present.
+
 - It's possible to override the used User model if needed::
 
     SOCIAL_AUTH_USER_MODEL = 'myapp.CustomUser'

diff --git a/social_auth/backends/facebook.py b/social_auth/backends/facebook.py
index a8784e912955f19c7302c1026066f6c26c96c877..2c1414508d0b79f1ee92d0803f98c9b6ac58e719 100644 (file)
--- a/social_auth/backends/facebook.py
+++ b/social_auth/backends/facebook.py
@@ -26,13 +26,14 @@ FACEBOOK_SERVER = 'graph.facebook.com'
 FACEBOOK_AUTHORIZATION_URL = 'https://%s/oauth/authorize' % FACEBOOK_SERVER
 FACEBOOK_ACCESS_TOKEN_URL = 'https://%s/oauth/access_token' % FACEBOOK_SERVER
 FACEBOOK_CHECK_AUTH = 'https://%s/me' % FACEBOOK_SERVER
+EXPIRES_NAME = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires')
 
 
 class FacebookBackend(OAuthBackend):
     """Facebook OAuth authentication backend"""
     name = 'facebook'
     # Default extra data to store
-    EXTRA_DATA = [('id', 'id'), ('expires', 'expires')]
+    EXTRA_DATA = [('id', 'id'), ('expires', EXPIRES_NAME)]
 
     def get_user_details(self, response):
         """Return user details from Facebook account"""

diff --git a/social_auth/models.py b/social_auth/models.py
index 749f0c5f9bdc239f021db0d2367365cdccf409ac..4a2c529e31f4783fdd5db1787eb7abea6b58e09f 100644 (file)
--- a/social_auth/models.py
+++ b/social_auth/models.py
@@ -1,5 +1,6 @@
 """Social auth models"""
 import warnings
+from datetime import timedelta
 
 from django.db import models
 from django.conf import settings
@@ -48,6 +49,19 @@ class UserSocialAuth(models.Model):
         """Return associated user unicode representation"""
         return unicode(self.user)
 
+    def expiration_delta(self):
+        """Return saved session expiration seconds if any. Is retuned in
+        the form of a timedelta data type. None is returned if there's no
+        value stored or it's malformed.
+        """
+        if self.extra_data:
+            name = getattr(settings, 'SOCIAL_AUTH_EXPIRATION', 'expires')
+            try:
+                return timedelta(seconds=int(self.extra_data.get(name)))
+            except ValueError:
+                pass
+        return None
+
 
 class Nonce(models.Model):
     """One use numbers"""

diff --git a/social_auth/views.py b/social_auth/views.py
index 938958801118195d52e09189c36f7b3ca38fd132..3b2ac9fe631511095f8891972e765ecfabf4d8d9 100644 (file)
--- a/social_auth/views.py
+++ b/social_auth/views.py
@@ -41,6 +41,10 @@ def complete_process(request, backend):
 
     if user and getattr(user, 'is_active', True):
         login(request, user)
+        # set session expiration date if present
+        social_user = user.social_auth.get(provider=backend.AUTH_BACKEND.name)
+        if social_user.expiration_delta():
+            request.session.set_expiry(social_user.expiration_delta())
         url = request.session.pop(REDIRECT_FIELD_NAME, '') or \
               getattr(settings, 'LOGIN_REDIRECT_URL', '')
     else: