From aef5b159b270f8e43be5325302d1f7d4d4022743 Mon Sep 17 00:00:00 2001
From: Stas Kravets <skravets@internal-rfc1918.hn.nnov.stream.ru>
Date: Wed, 19 Jan 2011 17:01:00 +0300
Subject: [PATCH] Added expiration time check for VKontakte.

---
 social_auth/backends/contrib/vkontakte.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/social_auth/backends/contrib/vkontakte.py b/social_auth/backends/contrib/vkontakte.py
index f38158d..ee830df 100644
--- a/social_auth/backends/contrib/vkontakte.py
+++ b/social_auth/backends/contrib/vkontakte.py
@@ -9,6 +9,7 @@ from django.conf import settings
 from django.contrib.auth import authenticate
 from urllib import unquote
 from hashlib import md5
+from time import time
 
 from social_auth.backends import SocialAuthBackend, BaseAuth, USERNAME
 
@@ -60,7 +61,7 @@ class VKontakteAuth(BaseAuth):
         
         hash = md5(check_str + settings.VKONTAKTE_APP_SECRET).hexdigest()
         
-        if hash != cookie_dict['sig']:
+        if hash != cookie_dict['sig'] or int(cookie_dict['expire']) < time() :
             raise ValueError('VKontakte authentication failed: invalid hash')       
         else:
             kwargs.update({'response': self.request, self.AUTH_BACKEND.name: True})
-- 
2.39.5