Added expiration time check for VKontakte.

author Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>

Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)

committer Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>

Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)
author Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>
Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)
committer Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>
Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)
diff --git a/social_auth/backends/contrib/vkontakte.py b/social_auth/backends/contrib/vkontakte.py

index f38158d635a92a680a81105daa0e0161d02ac340..ee830dfd6df2415ac96cfb6b1779f495a282753b 100644 (file)
--- a/social_auth/backends/contrib/vkontakte.py
+++ b/social_auth/backends/contrib/vkontakte.py
@@ -9,6 +9,7 @@ from django.conf import settings
  from django.contrib.auth import authenticate
  from urllib import unquote
  from hashlib import md5
+from time import time
  
  from social_auth.backends import SocialAuthBackend, BaseAuth, USERNAME
  
@@ -60,7 +61,7 @@ class VKontakteAuth(BaseAuth):
          
          hash = md5(check_str + settings.VKONTAKTE_APP_SECRET).hexdigest()
          
-        if hash != cookie_dict['sig']:
+        if hash != cookie_dict['sig'] or int(cookie_dict['expire']) < time() :
              raise ValueError('VKontakte authentication failed: invalid hash')       
          else:
              kwargs.update({'response': self.request, self.AUTH_BACKEND.name: True})
author	Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>
	Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)
committer	Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>
	Wed, 19 Jan 2011 14:01:00 +0000 (17:01 +0300)