PyPI - Nexom - Versions diffs - 1.0.4__tar.gz → 1.0.5__tar.gz - Mend

Nexom 1.0.4tar.gz → 1.0.5tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

{nexom-1.0.4/src/Nexom.egg-info → nexom-1.0.5}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: Nexom
-Version: 1.0.4
+Version: 1.0.5
 Summary: Lightweight Python Web Framework (WSGI)
 Author: TouriAida
 License: MIT License
@@ -191,4 +191,4 @@ sudo systemd start banana-project@banana2
 sudo systemd start banana-project@banana3
 ```
-2026 1/25
+2026 1/27

{nexom-1.0.4 → nexom-1.0.5}/README.md RENAMED Viewed

@@ -154,4 +154,4 @@ sudo systemd start banana-project@banana2
 sudo systemd start banana-project@banana3
 ```
-2026 1/25
+2026 1/27

{nexom-1.0.4 → nexom-1.0.5}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "Nexom"
-version = "1.0.4"
+version = "1.0.5"
 description = "Lightweight Python Web Framework (WSGI)"
 readme = "README.md"
 requires-python = ">=3.10"

{nexom-1.0.4 → nexom-1.0.5/src/Nexom.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: Nexom
-Version: 1.0.4
+Version: 1.0.5
 Summary: Lightweight Python Web Framework (WSGI)
 Author: TouriAida
 License: MIT License
@@ -191,4 +191,4 @@ sudo systemd start banana-project@banana2
 sudo systemd start banana-project@banana3
 ```
-2026 1/25
+2026 1/27

{nexom-1.0.4 → nexom-1.0.5}/src/Nexom.egg-info/SOURCES.txt RENAMED Viewed

@@ -32,6 +32,7 @@ src/nexom/assets/app/pages/default.py
 src/nexom/assets/app/pages/document.py
 src/nexom/assets/app/pages/__pycache__/__init__.cpython-313.pyc
 src/nexom/assets/app/static/dog.jpeg
+src/nexom/assets/app/static/github.png
 src/nexom/assets/app/static/style.css
 src/nexom/assets/app/templates/base.html
 src/nexom/assets/app/templates/default.html

{nexom-1.0.4 → nexom-1.0.5}/src/nexom/app/__init__.py RENAMED Viewed

@@ -16,7 +16,7 @@ from .response import (
 )
 # ---- Routing ----
-from .path import Path, Static, Pathlib
+from .path import Path, Static, Router
 # ---- Cookie ----
 from .cookie import Cookie, RequestCookies

{nexom-1.0.4 → nexom-1.0.5}/src/nexom/app/auth.py RENAMED Viewed

@@ -8,24 +8,36 @@ import time
 import hashlib
 import hmac
 import json
+import sqlite3
 from urllib.request import Request as UrlRequest, urlopen
 from urllib.error import URLError, HTTPError
 from .request import Request
 from .response import JsonResponse
 from .db import DatabaseManager
-from .path import Path, Pathlib
+from .path import Path, Router
 from ..core.log import AuthLogger
 from ..core.error import (
     NexomError,
-    AuthMissingFieldError,
-    AuthInvalidCredentialsError,
-    AuthUserDisabledError,
-    AuthTokenInvalidError,
+    AuthMissingFieldError,          # A01
+    AuthUserIdAlreadyExistsError,   # A02
+    AuthInvalidCredentialsError,    # A03
+    AuthUserDisabledError,          # A04
+    AuthTokenMissingError,          # A05
+    AuthTokenInvalidError,          # A06
+    AuthTokenExpiredError,          # A07
+    AuthTokenRevokedError,          # A08
+    AuthServiceUnavailableError,    # A09
+    _status_for_auth_error,
+    DBError,
+    DBMConnectionInvalidError,
+    DBOperationalError,
+    DBIntegrityError,
+    DBProgrammingError,
 )
 # --------------------
 # utils
 # --------------------
@@ -33,20 +45,32 @@ from ..core.error import (
 def _now() -> int:
     return int(time.time())
 def _rand(nbytes: int = 24) -> str:
     return secrets.token_urlsafe(nbytes)
 def _make_salt(nbytes: int = 16) -> str:
     return secrets.token_hex(nbytes)
 def _hash_password(password: str, salt_hex: str) -> str:
     salt = bytes.fromhex(salt_hex)
     dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)
     return dk.hex()
 def _token_hash(token: str) -> str:
     return hashlib.sha256(token.encode("utf-8")).hexdigest()
+# --------------------
+# variables (internal)
+# --------------------
+KEY_NAME = "_nxt"
 # --------------------
 # models (internal)
 # --------------------
@@ -61,6 +85,7 @@ class Session:
     revoked_at: int | None
     user_agent: str | None
 # --------------------
 # AuthService (API only)
 # --------------------
@@ -70,15 +95,23 @@ class AuthService:
     Auth API service (JSON only).
     """
-    def __init__(self, db_path: str, log_path: str, *, ttl_sec: int = 60 * 60 * 24 * 7, prefix: str = "") -> None:
+    def __init__(
+        self,
+        db_path: str,
+        log_path: str,
+        *,
+        ttl_sec: int = 60 * 60 * 24 * 7,
+        prefix: str = "",
+    ) -> None:
         self.dbm = AuthDBM(db_path)
         self.ttl_sec = ttl_sec
         p = prefix.strip("/")
         def _p(x: str) -> str:
             return f"{p}/{x}".strip("/") if p else x
-        self.routing = Pathlib(
+        self.routing = Router(
             Path(_p("signup"), self.signup, "AuthSignup"),
             Path(_p("login"), self.login, "AuthLogin"),
             Path(_p("logout"), self.logout, "AuthLogout"),
@@ -92,8 +125,12 @@ class AuthService:
         try:
             route = self.routing.get(req.path)
             return route.call_handler(req)
         except NexomError as e:
-            return JsonResponse({"ok": False, "error": e.code}, status=400)
+            # error code -> proper HTTP status
+            status = _status_for_auth_error(e.code)
+            return JsonResponse({"ok": False, "error": e.code}, status=status)
         except Exception:
             return JsonResponse({"ok": False, "error": "InternalError"}, status=500)
@@ -101,38 +138,43 @@ class AuthService:
     def signup(self, request: Request, args: dict[str, Optional[str]]) -> JsonResponse:
         if request.method != "POST":
-            return JsonResponse({"ok": False}, status=405)
+            return JsonResponse({"ok": False, "error": "MethodNotAllowed"}, status=405)
         data = request.json() or {}
-        self.dbm.signup(
-            user_id=str(data.get("user_id") or "").strip(),
-            public_name=str(data.get("public_name") or "").strip(),
-            password=str(data.get("password") or ""),
-        )
+        user_id = str(data.get("user_id") or "").strip()
+        public_name = str(data.get("public_name") or "").strip()
+        password = str(data.get("password") or "")
+        self.dbm.signup(user_id=user_id, public_name=public_name, password=password)
         return JsonResponse({"ok": True}, status=201)
     def login(self, request: Request, args: dict[str, Optional[str]]) -> JsonResponse:
         if request.method != "POST":
-            return JsonResponse({"ok": False}, status=405)
+            return JsonResponse({"ok": False, "error": "MethodNotAllowed"}, status=405)
         data = request.json() or {}
+        user_id = str(data.get("user_id") or "").strip()
+        password = str(data.get("password") or "")
         sess = self.dbm.login(
-            str(data.get("user_id") or "").strip(),
-            str(data.get("password") or ""),
+            user_id,
+            password,
             user_agent=request.headers.get("user-agent"),
             ttl_sec=self.ttl_sec,
         )
-        return JsonResponse({
-            "ok": True,
-            "user_id": sess.user_id,
-            "token": sess.token,
-            "expires_at": sess.expires_at,
-        })
+        return JsonResponse(
+            {
+                "ok": True,
+                "user_id": sess.user_id,
+                "token": sess.token,
+                "expires_at": sess.expires_at,
+            }
+        )
     def logout(self, request: Request, args: dict[str, Optional[str]]) -> JsonResponse:
         if request.method != "POST":
-            return JsonResponse({"ok": False}, status=405)
+            return JsonResponse({"ok": False, "error": "MethodNotAllowed"}, status=405)
         token = str((request.json() or {}).get("token") or "")
         if token:
@@ -141,18 +183,22 @@ class AuthService:
     def verify(self, request: Request, args: dict[str, Optional[str]]) -> JsonResponse:
         if request.method != "POST":
-            return JsonResponse({"ok": False}, status=405)
+            return JsonResponse({"ok": False, "error": "MethodNotAllowed"}, status=405)
         token = str((request.json() or {}).get("token") or "")
         sess = self.dbm.verify(token)
         if not sess:
-            return JsonResponse({"active": False})
+            return JsonResponse({"active": False}, status=200)
+        return JsonResponse(
+            {
+                "active": True,
+                "user_id": sess.user_id,
+                "expires_at": sess.expires_at,
+            },
+            status=200,
+        )
-        return JsonResponse({
-            "active": True,
-            "user_id": sess.user_id,
-            "expires_at": sess.expires_at,
-        })
 # --------------------
 # AuthClient (App側)
@@ -170,48 +216,97 @@ class AuthClient:
         self.timeout = timeout
     def _post(self, url: str, body: dict) -> dict:
-        payload = json.dumps(body).encode("utf-8")
+        payload = json.dumps(body, ensure_ascii=False).encode("utf-8")
         req = UrlRequest(
             url,
             data=payload,
-            headers={"Content-Type": "application/json"},
+            headers={
+                "Content-Type": "application/json; charset=utf-8",
+                "Accept": "application/json",
+            },
             method="POST",
         )
         try:
             with urlopen(req, timeout=self.timeout) as r:
-                data = json.loads(r.read().decode("utf-8"))
-        except (HTTPError, URLError, json.JSONDecodeError) as e:
-            print(str(e))
-            raise AuthTokenInvalidError()
-        return data
-    def signup(self, *, user_id: str, public_name: str, password: str) -> bool:
-        return bool(self._post(self.signup_url, {
-            "user_id": user_id,
-            "public_name": public_name,
-            "password": password,
-        }).get("ok"))
+                raw = r.read()
+                text = raw.decode("utf-8", errors="replace")
+                return json.loads(text) if text else {}
+        except HTTPError as e:
+            try:
+                raw = e.read()
+                text = raw.decode("utf-8", errors="replace")
+                return json.loads(text) if text else {"ok": False, "error": f"HTTP_{e.code}"}
+            except Exception:
+                return {"ok": False, "error": f"HTTP_{e.code}"}
+        except (URLError, TimeoutError):
+            raise AuthServiceUnavailableError()
+        except json.JSONDecodeError:
+            raise AuthServiceUnavailableError()
+    def signup(self, *, user_id: str, public_name: str, password: str) -> None:
+        d = self._post(
+            self.signup_url,
+            {"user_id": user_id, "public_name": public_name, "password": password},
+        )
+        if d.get("ok"):
+            return
+        self._raise_from_error_code(str(d.get("error") or ""))
     def login(self, *, user_id: str, password: str) -> tuple[str, str, int]:
         d = self._post(self.login_url, {"user_id": user_id, "password": password})
-        return d["token"], d["user_id"], d["expires_at"]
+        if not d.get("ok"):
+            self._raise_from_error_code(str(d.get("error") or ""))
+        return str(d["token"]), str(d["user_id"]), int(d["expires_at"])
     def verify_token(self, *, token: str) -> tuple[bool, Optional[str], Optional[int]]:
         d = self._post(self.verify_url, {"token": token})
-        if not d.get("active"):
-            return False, None, None
-        return True, d["user_id"], d["expires_at"]
-    def logout(self, *, token: str) -> bool:
-        return bool(self._post(self.logout_url, {"token": token}).get("ok"))
+        if d.get("active") is True:
+            return True, str(d["user_id"]), int(d["expires_at"])
+        # active False は正常系扱い
+        return False, None, None
+    def logout(self, *, token: str) -> None:
+        d = self._post(self.logout_url, {"token": token})
+        if d.get("ok"):
+            return
+        self._raise_from_error_code(str(d.get("error") or ""))
+    def _raise_from_error_code(self, code: str) -> None:
+        if code == "A01":
+            raise AuthMissingFieldError("unknown")
+        if code == "A02":
+            raise AuthUserIdAlreadyExistsError()
+        if code == "A03":
+            raise AuthInvalidCredentialsError()
+        if code == "A04":
+            raise AuthUserDisabledError()
+        if code == "A05":
+            raise AuthTokenMissingError()
+        if code == "A06":
+            raise AuthTokenInvalidError()
+        if code == "A07":
+            raise AuthTokenExpiredError()
+        if code == "A08":
+            raise AuthTokenRevokedError()
+        if code == "A09":
+            raise AuthServiceUnavailableError()
+        # 想定外レスポンス
+        raise AuthServiceUnavailableError()
 # --------------------
 # DB
 # --------------------
 class AuthDBM(DatabaseManager):
-    # override
     def _init(self) -> None:
         self.execute_many(
             [
@@ -241,7 +336,7 @@ class AuthDBM(DatabaseManager):
                     );
                     """,
                     (),
-                )
+                ),
             ]
         )
@@ -254,18 +349,30 @@ class AuthDBM(DatabaseManager):
             raise AuthMissingFieldError("password")
         salt = _make_salt()
-        self.execute(
-            "INSERT INTO users VALUES(?,?,?,?,?,?,?)",
-            _rand(),
-            user_id,
-            public_name,
-            _hash_password(password, salt),
-            salt,
-            None,
-            1,
-        )
+        uid = _rand()
+        try:
+            self.execute(
+                "INSERT INTO users VALUES(?,?,?,?,?,?,?)",
+                uid,
+                user_id,
+                public_name,
+                _hash_password(password, salt),
+                salt,
+                None,
+                1,
+            )
+        except DBIntegrityError:
+            raise AuthUserIdAlreadyExistsError()
+        except Exception as e:
+            raise AuthServiceUnavailableError()
     def login(self, user_id: str, password: str, *, user_agent: str | None, ttl_sec: int) -> Session:
+        if not user_id:
+            raise AuthMissingFieldError("user_id")
+        if not password:
+            raise AuthMissingFieldError("password")
         rows = self.execute(
             "SELECT uid, user_id, password_hash, password_salt, is_active FROM users WHERE user_id=?",
             user_id,
@@ -276,15 +383,17 @@ class AuthDBM(DatabaseManager):
         uid, uid_text, pw_hash, salt, active = rows[0]
         if not active:
             raise AuthUserDisabledError()
-        if not hmac.compare_digest(_hash_password(password, salt), pw_hash):
+        if not hmac.compare_digest(_hash_password(password, str(salt)), str(pw_hash)):
             raise AuthInvalidCredentialsError()
         token = _rand()
         exp = _now() + ttl_sec
+        sid = _rand()
         self.execute(
             "INSERT INTO sessions VALUES(?,?,?,?,?,?)",
-            _rand(),
+            sid,
             uid,
             _token_hash(token),
             exp,
@@ -292,9 +401,12 @@ class AuthDBM(DatabaseManager):
             user_agent,
         )
-        return Session("", uid, uid_text, token, exp, None, user_agent)
+        return Session(sid, uid, uid_text, token, exp, None, user_agent)
     def logout(self, token: str) -> None:
+        if not token:
+            raise AuthMissingFieldError("token")
         self.execute(
             "UPDATE sessions SET revoked_at=? WHERE token_hash=?",
             _now(),
@@ -308,7 +420,8 @@ class AuthDBM(DatabaseManager):
         rows = self.execute(
             """
             SELECT s.sid, s.uid, u.user_id, s.expires_at, s.revoked_at, s.user_agent
-            FROM sessions s JOIN users u ON u.uid=s.uid
+            FROM sessions s
+            JOIN users u ON u.uid=s.uid
             WHERE s.token_hash=?
             """,
             _token_hash(token),
@@ -317,7 +430,7 @@ class AuthDBM(DatabaseManager):
             return None
         sid, uid, user_id, exp, rev, ua = rows[0]
-        if rev or exp <= _now():
+        if rev or int(exp) <= _now():
             return None
-        return Session(sid, uid, user_id, token, exp, None, ua)
+        return Session(str(sid), str(uid), str(user_id), str(token), int(exp), None, ua)

{nexom-1.0.4 → nexom-1.0.5}/src/nexom/app/db.py RENAMED Viewed

@@ -1,9 +1,35 @@
 from __future__ import annotations
 from typing import Any, Iterable
-from sqlite3 import connect, Connection, Cursor, Error
-from ..core.error import DBMConnectionInvalidError, DBError
+from sqlite3 import (
+    connect,
+    Connection,
+    Cursor,
+    Error,
+    OperationalError,
+    IntegrityError,
+    ProgrammingError
+)
+from ..core.error import (
+    DBError,
+    DBMConnectionInvalidError,
+    DBOperationalError,
+    DBIntegrityError,
+    DBProgrammingError
+)
+def _call_error_handler(e: Error):
+    if isinstance(e, OperationalError):
+        raise DBOperationalError(str(e))
+    elif isinstance(e, ProgrammingError):
+        raise DBProgrammingError(str(e))
+    elif isinstance(e, IntegrityError):
+        raise DBIntegrityError(str(e))
+    else:
+        raise DBMConnectionInvalidError(str(e))
 class DatabaseManager:
@@ -39,7 +65,7 @@ class DatabaseManager:
             self.commit()
         except Error as e:
-            raise DBMConnectionInvalidError(str(e))
+            _call_error_handler(e)
     def rip_connection(self) -> None:
         if self._conn is None:
@@ -70,7 +96,8 @@ class DatabaseManager:
         except Error as e:
             self._conn.rollback()
-            raise DBError(str(e))
+            _call_error_handler(e)
     def execute_many(self, sql_inserts: Iterable[ list[ tuple[str, tuple] ] ]) -> None:
         if self._conn is None or self._cursor is None:
@@ -85,4 +112,5 @@ class DatabaseManager:
         except Error as e:
             self._conn.rollback()
-            raise DBError(str(e))
+            _call_error_handler(e)

{nexom-1.0.4 → nexom-1.0.5}/src/nexom/app/path.py RENAMED Viewed

@@ -148,7 +148,7 @@ class Static(Path):
 # Pathlib
 # ====================
-class Pathlib(list[Path]):
+class Router(list[Path]):
     """Collection of Path objects with middleware support."""
     def __init__(self, *paths: Path) -> None:

{nexom-1.0.4 → nexom-1.0.5}/src/nexom/app/response.py RENAMED Viewed

@@ -111,7 +111,7 @@ class JsonResponse(Response):
             cookie=cookie,
             content_type=content_type,
             charset=charset,
-            include_charset=False,  # ここは自前で付けたからFalse
+            include_charset=False,
         )
 class Redirect(Response):
@@ -119,11 +119,20 @@ class Redirect(Response):
     HTTP redirect response (302).
     """
-    def __init__(self, location: str) -> None:
+    def __init__(
+        self,
+        location: str,
+        headers: Iterable[Header] | None = None,
+        cookie: str | None = None,
+    ) -> None:
+        extra = list(headers) if headers else []
+        res_headers = [("Location", location), *extra]
         super().__init__(
             body=b"",
             status=302,
-            headers=[("Location", location)],
+            headers=res_headers,
+            cookie=cookie,
         )

Nexom 1.0.4__tar.gz → 1.0.5__tar.gz

Nexom 1.0.4tar.gz → 1.0.5tar.gz