fastlifeweb 0.21.0__py3-none-any.whl → 0.22.1__py3-none-any.whl

fastlife/{request → domain/model}/request.py

@@ -1,21 +1,21 @@
 """HTTP Request representation in a python object."""
 
-from typing import TYPE_CHECKING, Annotated, Any, Generic
+from typing import TYPE_CHECKING, Any, Generic
 
-from fastapi import Request as FastAPIRequest
-from fastapi.params import Depends
+from starlette.requests import Request as BaseRequest
 
-from fastlife.config.registry import DefaultRegistry, TRegistry
-from fastlife.domain.model.security import CSRFToken, create_csrf_token
+from fastlife.domain.model.csrf import CSRFToken, create_csrf_token
+from fastlife.domain.model.security_policy import TUser
+from fastlife.service.registry import TRegistry
 
 if TYPE_CHECKING:
-    from fastlife.security.policy import (  # coverage: ignore
+    from fastlife.service.security_policy import (  # coverage: ignore
         AbstractSecurityPolicy,
         HasPermission,
     )
 
 
-class GenericRequest(FastAPIRequest, Generic[TRegistry]):
+class GenericRequest(BaseRequest, Generic[TUser, TRegistry]):
     """HTTP Request representation."""
 
     registry: TRegistry
@@ -23,12 +23,12 @@ class GenericRequest(FastAPIRequest, Generic[TRegistry]):
     locale_name: str
     """Request locale used for the i18n of the response."""
 
-    security_policy: "AbstractSecurityPolicy[Any, TRegistry] | None"
+    security_policy: "AbstractSecurityPolicy[TUser, TRegistry] | None"
     """Request locale used for the i18n of the response."""
 
     renderer_globals: dict[str, Any]
 
-    def __init__(self, registry: TRegistry, request: FastAPIRequest) -> None:
+    def __init__(self, registry: TRegistry, request: BaseRequest) -> None:
         super().__init__(request.scope, request.receive)
         self.registry = registry
         self.locale_name = registry.locale_negociator(self)
@@ -64,29 +64,7 @@ class GenericRequest(FastAPIRequest, Generic[TRegistry]):
         if self.security_policy is None:
             raise RuntimeError(
                 f"Request {self.url.path} require a security policy, "
-                "explicit fastlife.security.policy.InsecurePolicy is required."
+                "explicit fastlife.service.security_policy.InsecurePolicy is required."
             )
 
         return await self.security_policy.has_permission(permission)
-
-
-def get_request(request: FastAPIRequest) -> GenericRequest[Any]:
-    return request  # type: ignore
-
-
-Request = Annotated[GenericRequest[DefaultRegistry], Depends(get_request)]
-"""A request that is associated to the default registry."""
-# FastAPI handle its Request objects using a lenient_issubclass,
-# basically a issubclass(Request), doe to the Generic[T], it does not work.
-
-
-AnyRequest = Annotated[GenericRequest[Any], Depends(get_request)]
-"""A request version that is associated to the any registry."""
-
-
-def get_registry(request: Request) -> DefaultRegistry:
-    return request.registry
-
-
-Registry = Annotated[DefaultRegistry, Depends(get_registry)]
-"""FastAPI dependency to access to the registry."""

fastlife/domain/model/security_policy.py

@@ -0,0 +1,105 @@
+"""Security policy."""
+
+import logging
+from collections.abc import Callable, Coroutine
+from typing import Any, Literal, TypeVar
+
+from fastapi import HTTPException
+from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN
+
+CheckPermissionHook = Callable[..., Coroutine[Any, Any, None]] | Callable[..., None]
+CheckPermission = Callable[[str], CheckPermissionHook]
+
+TUser = TypeVar("TUser")
+
+log = logging.getLogger(__name__)
+
+
+class Unauthorized(HTTPException):
+    """An exception raised to stop a request exectution and return an HTTP Error."""
+
+    def __init__(
+        self,
+        status_code: int = HTTP_401_UNAUTHORIZED,
+        detail: str = "Unauthorized",
+        headers: dict[str, str] | None = None,
+    ) -> None:
+        super().__init__(status_code, detail, headers)
+
+
+class Forbidden(HTTPException):
+    """An exception raised to stop a request exectution and return an HTTP Error."""
+
+    def __init__(
+        self,
+        status_code: int = HTTP_403_FORBIDDEN,
+        detail: str = "Forbidden",
+        headers: dict[str, str] | None = None,
+    ) -> None:
+        super().__init__(status_code, detail, headers)
+
+
+class BoolMeta(type):
+    def __bool__(cls) -> bool:
+        return cls.kind == "allowed"  # type: ignore
+
+    def __repr__(cls) -> str:
+        return cls.reason  # type: ignore
+
+
+class HasPermission(int, metaclass=BoolMeta):
+    """
+    A type used to know if a permission is allowed or not.
+
+    It behave has a boolean, but 3 possibilities exists defind has 3 sub-types
+    {class}`Allowed` {class}`Unauthenticated` or {class}`Denied`.
+
+    In many cases Unauthenticated call may redirect to a login page,
+    where authenticated user are not redirected. they have an error message,
+    or the frontend may use the information to adapt its interface.
+    """
+
+    kind: Literal["allowed", "unauthenticated", "denied"]
+    """
+    Identified basic information of the response.
+    It distinguished unauthenticated and denied to eventually raised 401 over 403 error.
+    """
+    reason: str
+    """A human explanation of the response."""
+
+    def __new__(cls, reason: str) -> "HasPermission":
+        instance = super().__new__(cls)
+        instance.reason = reason
+        return instance
+
+    def __repr__(self) -> str:
+        return self.reason
+
+    def __bool__(self) -> bool:
+        return self.kind == "allowed"
+
+
+class Allowed(HasPermission):
+    """Represent a permission check result that is allowed."""
+
+    kind = "allowed"
+    reason = "Allowed"
+
+
+class Unauthenticated(HasPermission):
+    """
+    Represent a permission check result that is not allowed due to
+    missing authentication mechanism.
+    """
+
+    kind = "unauthenticated"
+    reason = "Authentication required"
+
+
+class Denied(HasPermission):
+    """
+    Represent a permission check result that is not allowed due to lack of permission.
+    """
+
+    kind = "denied"
+    reason = "Access denied to this resource"

fastlife/middlewares/base.py

@@ -2,7 +2,7 @@
 
 import abc
 
-from starlette.types import Receive, Scope, Send
+from fastlife.domain.model.asgi import Receive, Scope, Send
 
 
 class AbstractMiddleware(abc.ABC):

fastlife/middlewares/reverse_proxy/x_forwarded.py

@@ -1,8 +1,7 @@
 import logging
 from collections.abc import Sequence
 
-from starlette.types import ASGIApp, Receive, Scope, Send
-
+from fastlife.domain.model.asgi import ASGIApp, Receive, Scope, Send
 from fastlife.middlewares.base import AbstractMiddleware
 
 log = logging.getLogger(__name__)

fastlife/middlewares/session/__init__.py

@@ -15,9 +15,9 @@ from fastlife import Configurator, configure
 from fastlife.shared_utils.resolver import resolve
 
 from .middleware import SessionMiddleware
-from .serializer import AbsractSessionSerializer, SignedSessionSerializer
+from .serializer import AbsractSessionSerializer
 
-__all__ = ["SessionMiddleware", "AbsractSessionSerializer", "SignedSessionSerializer"]
+__all__ = ["AbsractSessionSerializer", "SessionMiddleware"]
 
 
 @configure

fastlife/middlewares/session/middleware.py

@@ -5,11 +5,11 @@ from typing import Literal
 
 from starlette.datastructures import MutableHeaders
 from starlette.requests import HTTPConnection
-from starlette.types import ASGIApp, Message, Receive, Scope, Send
 
+from fastlife.domain.model.asgi import ASGIApp, Message, Receive, Scope, Send
 from fastlife.middlewares.base import AbstractMiddleware
 
-from .serializer import AbsractSessionSerializer, SignedSessionSerializer
+from .serializer import AbsractSessionSerializer
 
 
 class SessionMiddleware(AbstractMiddleware):
@@ -17,6 +17,7 @@ class SessionMiddleware(AbstractMiddleware):
 
     def __init__(
         self,
+        *,
         app: ASGIApp,
         cookie_name: str,
         secret_key: str,
@@ -25,7 +26,7 @@ class SessionMiddleware(AbstractMiddleware):
         cookie_same_site: Literal["lax", "strict", "none"] = "lax",
         cookie_secure: bool = False,
         cookie_domain: str = "",
-        serializer: type[AbsractSessionSerializer] = SignedSessionSerializer,
+        serializer: type[AbsractSessionSerializer],
     ) -> None:
         self.app = app
         self.max_age = int(duration.total_seconds())

fastlife/middlewares/session/serializer.py

@@ -1,13 +1,9 @@
 """Serialize session."""
 
 import abc
-import json
-from base64 import b64decode, b64encode
 from collections.abc import Mapping
 from typing import Any
 
-import itsdangerous
-
 
 class AbsractSessionSerializer(abc.ABC):
     """Session serializer base class"""
@@ -24,43 +20,3 @@ class AbsractSessionSerializer(abc.ABC):
     def deserialize(self, data: bytes) -> tuple[Mapping[str, Any], bool]:
         """Derialize the session raw bytes content and return it as a mapping."""
         ...
-
-
-class SignedSessionSerializer(AbsractSessionSerializer):
-    """
-    The default fastlife session serializer.
-
-    It's based on the itsdangerous package to sign the session with a secret key.
-
-    :param secret_key: a secret used to sign the session payload.
-
-    :param max_age: session lifetime in seconds.
-    """
-
-    def __init__(self, secret_key: str, max_age: int) -> None:
-        self.signer = itsdangerous.TimestampSigner(secret_key)
-        self.max_age = max_age
-
-    def serialize(self, data: Mapping[str, Any]) -> bytes:
-        """Serialize and sign the session."""
-        dump = json.dumps(data).encode("utf-8")
-        encoded = b64encode(dump)
-        signed = self.signer.sign(encoded)
-        return signed
-
-    def deserialize(self, data: bytes) -> tuple[Mapping[str, Any], bool]:
-        """Deserialize the session.
-
-        If the signature is incorect, the session restart from the begining.
-        No exception raised.
-        """
-        try:
-            data = self.signer.unsign(data, max_age=self.max_age)
-            # We can't deserialize something wrong since the serialize
-            # is signing the content.
-            # If the signature key is compromise and we have invalid payload,
-            # raising exceptions here is fine, it's dangerous afterall.
-            session = json.loads(b64decode(data))
-        except itsdangerous.BadSignature:
-            return {}, True
-        return session, False

fastlife/{services/policy.py → service/check_permission.py}

@@ -26,7 +26,7 @@ def check_permission(permission_name: str) -> CheckPermissionHook:
         if request.security_policy is None:
             raise RuntimeError(
                 f"Request {request.url.path} require a security policy, "
-                "explicit fastlife.security.policy.InsecurePolicy is required"
+                "explicit fastlife.service.security_policy.InsecurePolicy is required"
             )
         allowed = await request.security_policy.has_permission(permission_name)
         match allowed.kind:

fastlife/{security → service}/csrf.py

@@ -6,7 +6,7 @@ Fast life did not reinvent the wheel on CSRF Protection.
 It use the good old method. A CSRF token is saved in a cookie.
 Forms post the CSRF token, and the token in the cookies and the form must match
 to process the request, otherwise an exception
-{class}`fastlife.security.csrf.CSRFAttack` is raised.
+{class}`fastlife.service.csrf.CSRFAttack` is raised.
 
 The cookie named is configurabllefia the settings
 :attr:`fastlife.config.settings.Settings.csrf_token_name`
@@ -21,7 +21,7 @@ no way to prevent to set the cookie in the request.
 from collections.abc import Callable, Coroutine
 from typing import Any
 
-from fastlife.request import Request
+from fastlife.adapters.fastapi.request import Request
 
 
 class CSRFAttack(Exception):

fastlife/service/locale_negociator.py

@@ -0,0 +1,23 @@
+"""Find the localization gor the given request."""
+
+from collections.abc import Callable
+from typing import Any
+
+from fastlife.settings import Settings
+
+LocaleName = str
+"""The LocaleName is a locale such as en, fr that will be consume for translations."""
+
+from fastlife.adapters.fastapi.request import GenericRequest  # coverage: ignore
+
+LocaleNegociator = Callable[[GenericRequest[Any, Any]], LocaleName]  # coverage: ignore
+"""Interface to implement to negociate a locale"""  # coverage: ignore
+
+
+def default_negociator(settings: Settings) -> LocaleNegociator:
+    """The default local negociator return the locale set in the conf."""
+
+    def locale_negociator(request: "GenericRequest[Any, Any]") -> str:
+        return settings.default_locale
+
+    return locale_negociator

fastlife/{config → service}/registry.py

@@ -1,15 +1,14 @@
 from collections.abc import Mapping
 from typing import TYPE_CHECKING, Generic, TypeVar
 
-from fastlife.services.locale_negociator import LocaleNegociator, default_negociator
-from fastlife.services.translations import LocalizerFactory
-
 if TYPE_CHECKING:
-    from fastlife.services.templates import (  # coverage: ignore
+    from fastlife.service.locale_negociator import LocaleNegociator  # coverage: ignore
+    from fastlife.service.templates import (  # coverage: ignore
         AbstractTemplateRendererFactory,  # coverage: ignore
     )  # coverage: ignore
+    from fastlife.service.translations import LocalizerFactory  # coverage: ignore
 
-from .settings import Settings
+from fastlife.settings import Settings
 
 TSettings = TypeVar("TSettings", bound=Settings, covariant=True)
 """
@@ -24,11 +23,18 @@ class GenericRegistry(Generic[TSettings]):
     """
 
     settings: Settings
+    """Application settings."""
     renderers: Mapping[str, "AbstractTemplateRendererFactory"]
-    locale_negociator: LocaleNegociator
-    localizer: LocalizerFactory
+    """Registered template engine."""
+    locale_negociator: "LocaleNegociator"
+    """Used to fine the best language for the response."""
+    localizer: "LocalizerFactory"
+    """Used to localized message."""
 
     def __init__(self, settings: Settings) -> None:
+        from fastlife.service.locale_negociator import default_negociator
+        from fastlife.service.translations import LocalizerFactory
+
         self.settings = settings
         self.locale_negociator = default_negociator(self.settings)
         self.renderers = {}

fastlife/service/security_policy.py

@@ -0,0 +1,100 @@
+"""Security policy."""
+
+import abc
+from typing import Annotated, Any, Generic
+from uuid import UUID
+
+from fastapi import Depends
+
+from fastlife import GenericRequest, get_request
+from fastlife.domain.model.security_policy import (
+    Allowed,
+    Forbidden,
+    HasPermission,
+    TUser,
+    Unauthorized,
+)
+from fastlife.service.registry import TRegistry
+
+
+class AbstractSecurityPolicy(abc.ABC, Generic[TUser, TRegistry]):
+    """Security policy base class."""
+
+    Forbidden = Forbidden
+    """The exception raised if the user identified is not granted."""
+    Unauthorized = Unauthorized
+    """The exception raised if no user has been identified."""
+
+    request: GenericRequest[TUser, TRegistry]
+    """Request where the security policy is applied."""
+
+    def __init__(
+        self, request: Annotated[GenericRequest[TUser, TRegistry], Depends(get_request)]
+    ):
+        """
+        Build the security policy.
+
+        When implementing a security policy, multiple parameters can be added
+        to the constructor as FastAPI dependencies, using the `Depends` FastAPI
+        annotation.
+        The security policy is installed has a depenency of the router that hold
+        a route prefix of the application.
+        """
+        self.request = request
+        self.request.security_policy = self  # we do backref to implement has_permission
+
+    @abc.abstractmethod
+    async def identity(self) -> TUser | None:
+        """
+        Return app-specific user object or raise an HTTPException.
+        """
+
+    @abc.abstractmethod
+    async def authenticated_userid(self) -> str | UUID | None:
+        """
+        Return app-specific user object or raise an HTTPException.
+        """
+
+    @abc.abstractmethod
+    async def has_permission(
+        self, permission: str
+    ) -> HasPermission | type[HasPermission]:
+        """Allow access to everything if signed in."""
+
+    @abc.abstractmethod
+    async def remember(self, user: TUser) -> None:
+        """Save the user identity in the request session."""
+
+    @abc.abstractmethod
+    async def forget(self) -> None:
+        """Destroy the request session."""
+
+
+class InsecurePolicy(AbstractSecurityPolicy[None, Any]):
+    """
+    An implementation of the security policy made for explicit unsecured access.
+
+    Setting a permission on a view require a security policy, if not set, accessing
+    to a view will raise a RuntimeError. To bypass this error for testing purpose
+    or your own reason, the InsecurePolicy has to be set to the configurator.
+    """
+
+    async def identity(self) -> None:
+        """Nobodies is identified."""
+        return None
+
+    async def authenticated_userid(self) -> str | UUID:
+        """An uuid mades of 0."""
+        return UUID(int=0)
+
+    async def has_permission(
+        self, permission: str
+    ) -> HasPermission | type[HasPermission]:
+        """Access is allways granted."""
+        return Allowed
+
+    async def remember(self, user: None) -> None:
+        """Do nothing."""
+
+    async def forget(self) -> None:
+        """Do nothing."""

fastlife/{services → service}/templates.py

@@ -13,9 +13,7 @@ from collections.abc import Mapping
 from typing import Any
 
 from fastlife import Request, Response
-from fastlife.templates.inline import InlineTemplate
-
-TemplateParams = Mapping[str, Any]
+from fastlife.domain.model.template import InlineTemplate
 
 
 class AbstractTemplateRenderer(abc.ABC):
@@ -77,9 +75,6 @@ class AbstractTemplateRenderer(abc.ABC):
 class AbstractTemplateRendererFactory(abc.ABC):
     """
     The template render factory.
-
-    The implementation of this class is found using the settings
-    :attr:`fastlife.config.settings.Settings.template_renderer_class`.
     """
 
     @abc.abstractmethod

fastlife/{services → service}/translations.py

@@ -64,6 +64,9 @@ class Localizer:
         self.translations[domain].merge(trans)
         self.global_translations.merge(trans)
 
+    def __call__(self, message: str, mapping: dict[str, str] | None = None) -> str:
+        return self.gettext(message, mapping)
+
     def gettext(self, message: str, mapping: dict[str, str] | None = None) -> str:
         ret = self.global_translations.gettext(message)
         if mapping:

fastlife/{config/settings.py → settings.py}

@@ -29,15 +29,9 @@ class Settings(BaseSettings):
     a python module name. for instance `fastlife:components` is the directory components
     found in the fastlife package.
     """
-    registry_class: str = Field(default="fastlife.config.registry:DefaultRegistry")
+    registry_class: str = Field(default="fastlife.service.registry:DefaultRegistry")
     """Implementation class for the application regitry."""
-    template_renderer_class: str = Field(
-        default="fastlife.templates.renderer:JinjaxEngine"
-    )
-    """
-    Implementation class for the
-    {class}`fastlife.templates.renderer.AbstractTemplateRenderer`.
-    """
+
     form_data_model_prefix: str = Field(default="payload")
     """
     Pydantic form default model prefix for serialized field in www-urlencoded-form.
@@ -70,12 +64,12 @@ class Settings(BaseSettings):
     Set to true while developing, set false for production.
     """
     jinjax_global_catalog_class: str = Field(
-        default="fastlife.templates.constants:Constants"
+        default="fastlife.template_globals:Globals"
     )
     """
     Set global constants accessible in every templates.
-    Defaults to `fastlife.templates.constants:Constants`
-    See {class}`fastlife.templates.constants.Constants`
+    Defaults to `fastlife.template_globals:Globals`
+    See {class}`fastlife.template_globals.Globals`
     """
 
     session_secret_key: str = Field(default="")
@@ -101,7 +95,7 @@ class Settings(BaseSettings):
     should be true while using https on production.
     """
     session_serializer: str = Field(
-        default="fastlife.middlewares.session.serializer:SignedSessionSerializer"
+        default="fastlife.adapters.itsdangerous:SignedSessionSerializer"
     )
     """Cookie serializer for the session cookie."""
 

fastlife/shared_utils/infer.py

@@ -1,10 +1,14 @@
 """Type inference."""
 
+import inspect
+from collections.abc import Callable
 from types import UnionType
-from typing import Any, Union, get_origin
+from typing import Any, Union, get_args, get_origin
 
 from pydantic import BaseModel
 
+from fastlife.domain.model.template import InlineTemplate
+
 
 def is_complex_type(typ: type[Any]) -> bool:
     """
@@ -25,3 +29,22 @@ def is_union(typ: type[Any]) -> bool:
         if type_origin is UnionType:  # T | U
             return True
     return False
+
+
+def is_inline_template_returned(endpoint: Callable[..., Any]) -> bool:
+    """Test if a view, the endpoint return a template."""
+    signature = inspect.signature(endpoint)
+    return_annotation = signature.return_annotation
+
+    if isinstance(return_annotation, type) and issubclass(
+        return_annotation, InlineTemplate
+    ):
+        return True
+
+    if is_union(return_annotation):
+        return any(
+            isinstance(arg, type) and issubclass(arg, InlineTemplate)
+            for arg in get_args(return_annotation)
+        )
+
+    return False

fastlife/{templates/constants.py → template_globals.py}

@@ -16,7 +16,7 @@ def space_join(*segments: str) -> str:
     return " ".join(segments)
 
 
-class Constants(BaseModel):
+class Globals(BaseModel):
     """Templates constants."""
 
     A_CLASS: str = space_join(
@@ -315,7 +315,7 @@ class Constants(BaseModel):
     SUMMARY_CLASS: str = "flex items-center items-center font-medium cursor-pointer"
     """Default css class for {jinjax:component}`Summary`."""
 
-    TABLE_CLASS: str = "table-auto w-full text-left border-colapse"
+    TABLE_CLASS: str = "table-auto w-full text-left border-collapse"
     """Default css class for {jinjax:component}`Table`."""
 
     TD_CLASS: str = "px-4 py-2 font-normal border-b dark:border-neutral-500"

fastlife/testing/testclient.py

@@ -8,10 +8,10 @@ import bs4
 import httpx
 from fastapi.testclient import TestClient
 from multidict import MultiDict
-from starlette.types import ASGIApp
 
-from fastlife.config.settings import Settings
+from fastlife.domain.model.asgi import ASGIApp
 from fastlife.middlewares.session.serializer import AbsractSessionSerializer
+from fastlife.settings import Settings
 from fastlife.shared_utils.resolver import resolve
 from fastlife.testing.dom import Element
 from fastlife.testing.form import WebForm

fastlife/views/__init__.py

@@ -0,0 +1 @@
+"""Fastlife views."""

fastlife/views/pydantic_form.py

@@ -1,3 +1,9 @@
+"""
+Views for pydantic form.
+
+Pydantic form generate form that may contains fields that requires some ajax query.
+"""
+
 from typing import cast
 
 from fastapi import Query

{fastlifeweb-0.21.0.dist-info → fastlifeweb-0.22.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fastlifeweb
-Version: 0.21.0
+Version: 0.22.1
 Summary: High-level web framework
 Author-Email: Guillaume Gauvrit <guillaume@gauvr.it>
 License: MIT License