Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make token expires for AccountVerifyView #134

Merged
merged 5 commits into from
Sep 2, 2015
Merged

Make token expires for AccountVerifyView #134

merged 5 commits into from
Sep 2, 2015

Conversation

kevinetienne
Copy link
Contributor

By default signing.loads has max_age sets to None which makes the
token to validate an account to never expire.

Make token expires for AccountVerifyView
df40868 
By default `signing.loads` has `max_age` sets to `None` which makes the
token to validate an account to never expire.
LilyFoote
LilyFoote reviewed Sep 2, 2015
View reviewed changes
user_management/api/views.py
settings,
'VERIFY_ACCOUNT_EXPIRY',
self.DEFAULT_VERIFY_ACCOUNT_EXPIRY,
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

try:
    max_age = settings.VERIFY_ACCOUNT_EXPIRY
except AttributeError:
    max_age = self.DEFAULT_VERIFY_ACCOUNT_EXPIRY

@kevinetienne
Copy link
Contributor Author

@Ian-Foote @meshy can you review/merge?

meshy
meshy reviewed Sep 2, 2015
View reviewed changes
user_management/api/views.py
Set user as a class attribute or raise an `InvalidExpiredToken`.
"""
try:
email_data = signing.loads(kwargs['token'])
max_age = settings.VERIFY_ACCOUNT_EXPIRY
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might it make more sense to add this to an app config?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

or, failing that, on this view?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, maybe. I don't think it matters much.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking about the app config, maybe we should wait until we drop support for 1.6

LilyFoote added a commit that referenced this pull request Sep 2, 2015
@LilyFoote
Merge pull request #134 from incuna/verify-token-age
8a40bd8 
Make token expires for AccountVerifyView
@LilyFoote LilyFoote merged commit 8a40bd8 into master Sep 2, 2015
@LilyFoote LilyFoote deleted the verify-token-age branch September 2, 2015 10:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kevinetienne @meshy @LilyFoote