From a31a127fe0eb55d2df9782e2232e741e8da98ca2 Mon Sep 17 00:00:00 2001
From: Alex Grintsvayg <grin@lbry.io>
Date: Mon, 13 Mar 2017 18:01:47 -0400
Subject: [PATCH] retire old hash

---
 lib/thirdparty/Mailgun.class.php | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/lib/thirdparty/Mailgun.class.php b/lib/thirdparty/Mailgun.class.php
index 9703c461..f56de5e5 100644
--- a/lib/thirdparty/Mailgun.class.php
+++ b/lib/thirdparty/Mailgun.class.php
@@ -94,11 +94,11 @@ class Mailgun
     return true;
   }
 
-  protected static function getConfirmHash($email, $timestamp = null, $nonce = null, $useOldSecret = false)
+  protected static function getConfirmHash($email, $timestamp = null, $nonce = null)
   {
     $timestamp = $timestamp !== null ? $timestamp : time();
     $nonce     = $nonce !== null ? $nonce : bin2hex(random_bytes(8));
-    $secret    = $useOldSecret ? 'testing' : Config::get('mailing_list_hmac_secret');
+    $secret    = Config::get('mailing_list_hmac_secret');
 
     if (!$secret)
     {
@@ -122,11 +122,7 @@ class Mailgun
 
     if (!hash_equals(static::getConfirmHash($email, $timestamp, $nonce), $hash))
     {
-      // TODO: once old hashes expire, just return null here
-      if (date('Y-m-d') >= '2016-11-18' || !hash_equals(static::getConfirmHash($email, $timestamp, $nonce, true), $hash))
-      {
-        return null;
-      }
+      return null;
     }
 
     if (!is_numeric($timestamp) || time() - $timestamp > 60 * 60 * 24 * 3)