Skip to content

Commit c143422

Browse files
matllubosmatllubos
committed
Reset authorization should not compute autorizaiton expiration from created_at
1 parent b952ac1 commit c143422

File tree

3 files changed

+4
-7
lines changed

3 files changed

+4
-7
lines changed

auth_token/contrib/rest_framework_auth/views.py

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -58,9 +58,8 @@ def post(self, request, *args, **kwargs):
5858
context={'request': request})
5959
serializer.is_valid(raise_exception=True)
6060
user = serializer.validated_data['user']
61-
6261
login(
63-
request._request, user, not serializer.validated_data.get('permanent', False),
62+
request._request, user, preserve_cookie=not serializer.validated_data.get('permanent', False),
6463
allowed_cookie=self.allowed_cookie, allowed_header=self.allowed_header
6564
)
6665
return Response({'token': request._request.token.secret_key})

auth_token/utils.py

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -568,16 +568,14 @@ def reset_authorization_request(authorization_request, expiration=None):
568568
Reset authorization request and increase its expiration.
569569
Args:
570570
authorization_request: authorization request where new OTP will be created.
571-
expiration: expiration time in seconds. Empty value means that original expiration time will be used.
571+
expiration: expiration time in seconds.
572572
573573
Returns:
574574
AuthorizationRequest instance with new authorization data
575575
"""
576576
assert authorization_request.result is None
577577
backend = get_authorization_backend(authorization_request.backend, raise_exception=True)
578-
579-
if expiration is None:
580-
expiration = (authorization_request.expires_at - authorization_request.created_at).total_seconds()
578+
expiration = expiration or settings.DEFAULT_AUTHORIZATION_REQUEST_AGE
581579

582580
authorization_request.change_and_save(expires_at=compute_expires_at(expiration))
583581
backend.initialize(authorization_request)

docs/authorization_request.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ To reset authorization request for example with purpose to create new OTP you ca
3333
.. function:: reset_authorization_request(authorization_request, expiration=None)
3434

3535
* ``authorization_request`` - authorization request only with type OTP.
36-
* ``expiration`` - expiration time in seconds. Empty value means that original expiration time will be used.
36+
* ``expiration`` - expiration time in seconds.
3737

3838

3939
Check authorization request

0 commit comments

Comments
 (0)