maleo-foundation 0.2.7__py3-none-any.whl → 0.2.9__py3-none-any.whl

maleo_foundation/authentication.py

@@ -1,25 +1,26 @@
 from pydantic import BaseModel, Field
 from starlette.authentication import AuthCredentials, BaseUser
 from typing import Optional, Sequence
+from maleo_foundation.enums import BaseEnums
 from maleo_foundation.models.transfers.general.token import MaleoFoundationTokenGeneralTransfers
 from maleo_foundation.types import BaseTypes
 
 class Credentials(AuthCredentials):
     def __init__(
         self,
-        key:BaseTypes.OptionalString = None,
+        token_type:Optional[BaseEnums.TokenType] = None,
         token:BaseTypes.OptionalString = None,
         payload:Optional[MaleoFoundationTokenGeneralTransfers.DecodePayload] = None,
         scopes:Optional[Sequence[str]] = None
     ) -> None:
-        self._key = key
+        self._token_type = token_type
         self._token = token
         self._payload = payload
         super().__init__(scopes)
 
     @property
-    def key(self) -> BaseTypes.OptionalString:
-        return self._key
+    def token_type(self) -> Optional[BaseEnums.TokenType]:
+        return self._token_type
 
     @property
     def token(self) -> BaseTypes.OptionalString:

maleo_foundation/authorization.py

@@ -0,0 +1,8 @@
+from fastapi import Security
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from pydantic import BaseModel
+
+TOKEN_SCHEME = HTTPBearer()
+
+class Authorization(BaseModel):
+    token:HTTPAuthorizationCredentials = Security(TOKEN_SCHEME)

maleo_foundation/managers/service.py

@@ -257,24 +257,20 @@ class ServiceManager:
     def foundation(self) -> MaleoFoundationClientManager:
         return self._foundation
 
-    async def generate_token(self) -> BaseTypes.OptionalString:
-        raise NotImplementedError()
-
     @property
-    def token(self) -> str:
+    def token(self) -> BaseTypes.OptionalString:
         payload = MaleoFoundationTokenGeneralTransfers.BaseEncodePayload(
             iss=None,
             sub=str(self._maleo_credentials.id),
             sr="administrator",
             u_u=self._maleo_credentials.username,
             u_e=self._maleo_credentials.email,
-            u_ut="service"
+            u_ut="service",
+            exp_in=1
         )
         parameters = MaleoFoundationTokenParametersTransfers.Encode(key=self._keys.private, password=self._keys.password, payload=payload)
         result = self._foundation.services.token.encode(parameters=parameters)
-        if not result.success:
-            raise RuntimeError("Failed encoding payload into token")
-        return result.data.token
+        return result.data.token if result.success else None
 
     def create_app(self, router:APIRouter, lifespan:Optional[Lifespan[AppType]] = None) -> FastAPI:
         self._loggers.application.info("Creating FastAPI application")

maleo_foundation/middlewares/authentication.py

@@ -1,10 +1,10 @@
-from datetime import datetime, timezone
 from fastapi import FastAPI
 from starlette.authentication import AuthenticationBackend, AuthenticationError
 from starlette.middleware.authentication import AuthenticationMiddleware
 from starlette.requests import HTTPConnection
 from typing import Tuple
 from maleo_foundation.authentication import Credentials, User
+from maleo_foundation.enums import BaseEnums
 from maleo_foundation.client.manager import MaleoFoundationClientManager
 from maleo_foundation.models.schemas import BaseGeneralSchemas
 from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
@@ -19,37 +19,56 @@ class Backend(AuthenticationBackend):
         self._maleo_foundation = maleo_foundation
 
     async def authenticate(self, conn:HTTPConnection) -> Tuple[Credentials, User]:
-        if "Authorization" not in conn.headers:
-            return Credentials(), User(authenticated=False)
+        if "Authorization" in conn.headers:
+            auth = conn.headers["Authorization"]
+            parts = auth.split()
+            if len(parts) != 2 or parts[0] != "Bearer":
+                raise AuthenticationError("Invalid Authorization header format")
+            scheme, token = parts
+            if scheme != 'Bearer':
+                raise AuthenticationError("Authorization scheme must be Bearer token")
+            
+            #* Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
+            decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
+            if decode_token_result.success:
+                payload = decode_token_result.data
+                return (
+                    Credentials(
+                        token_type=BaseEnums.TokenType.ACCESS,
+                        token=token,
+                        payload=payload,
+                        scopes=["authenticated", payload.sr]
+                    ),
+                    User(
+                        authenticated=True,
+                        username=payload.u_u,
+                        email=payload.u_e
+                    )
+                )
 
-        auth = conn.headers["Authorization"]
-        scheme, token = auth.split()
-        if scheme != 'Bearer':
-            # raise AuthenticationError("Authorization scheme must be Bearer token")
-            return Credentials(), User(authenticated=False)
+        if "token" in conn.cookies:
+            token = conn.cookies["token"]
+            #* Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
+            decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
+            if decode_token_result.success:
+                payload = decode_token_result.data
+                return (
+                    Credentials(
+                        token_type=BaseEnums.TokenType.REFRESH,
+                        token=token,
+                        payload=payload,
+                        scopes=["authenticated", payload.sr]
+                    ),
+                    User(
+                        authenticated=True,
+                        username=payload.u_u,
+                        email=payload.u_e
+                    )
+                )
 
-        decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
-        decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
-        if not decode_token_result.success:
-            # raise AuthenticationError("Invalid Bearer token, unable to decode token")
-            return Credentials(), User(authenticated=False)
-        if decode_token_result.data.exp_dt <= datetime.now(tz=timezone.utc):
-            # raise AuthenticationError("Expired Bearer token, request new or refresh token")
-            return Credentials(), User(authenticated=False)
-
-        payload = decode_token_result.data
-        return (
-            Credentials(
-                token=token,
-                payload=payload,
-                scopes=["authenticated", payload.sr]
-            ),
-            User(
-                authenticated=True,
-                username=payload.u_u,
-                email=payload.u_e
-            )
-        )
+        return Credentials(), User(authenticated=False)
 
 def add_authentication_middleware(app:FastAPI, keys:BaseGeneralSchemas.RSAKeys, logger:MiddlewareLogger, maleo_foundation:MaleoFoundationClientManager) -> None:
     """

maleo_foundation/middlewares/base.py

@@ -8,10 +8,13 @@ from fastapi import FastAPI, Request, Response, status
 from fastapi.responses import JSONResponse
 from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
 from typing import Awaitable, Callable, Optional, Sequence
-from maleo_foundation.authentication import Credentials, User
+from maleo_foundation.authentication import Authentication
+from maleo_foundation.enums import BaseEnums
 from maleo_foundation.client.manager import MaleoFoundationClientManager
 from maleo_foundation.models.schemas import BaseGeneralSchemas
 from maleo_foundation.models.responses import BaseResponses
+from maleo_foundation.models.transfers.general.token import MaleoFoundationTokenGeneralTransfers
+from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
 from maleo_foundation.models.transfers.parameters.signature import MaleoFoundationSignatureParametersTransfers
 from maleo_foundation.utils.extractor import BaseExtractors
 from maleo_foundation.utils.logging import MiddlewareLogger
@@ -117,6 +120,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
     def _add_response_headers(
         self,
         request:Request,
+        authentication:Authentication,
         response:Response,
         request_timestamp:datetime,
         response_timestamp:datetime,
@@ -132,11 +136,22 @@ class BaseMiddleware(BaseHTTPMiddleware):
         if sign_result.success:
             response.headers["X-Signature"] = sign_result.data.signature
         response = self._append_cors_headers(request=request, response=response) #* Re-append CORS headers
+        if authentication.user.is_authenticated \
+            and authentication.credentials.token_type == BaseEnums.TokenType.REFRESH \
+            and authentication.credentials.payload is not None \
+            and (response.status_code >= 200 and response.status_code < 300):
+            #* Regenerate new authorization
+            payload = MaleoFoundationTokenGeneralTransfers.BaseEncodePayload.model_validate(authentication.credentials.payload.model_dump())
+            parameters = MaleoFoundationTokenParametersTransfers.Encode(key=self._keys.private, password=self._keys.password, payload=payload)
+            result = self._maleo_foundation.services.token.encode(parameters=parameters)
+            if result.success:
+                response.headers["X-New-Authorization"] = result.data.token
         return response
 
     def _build_response(
         self,
         request:Request,
+        authentication:Authentication,
         authentication_info:str,
         response:Response,
         request_timestamp:datetime,
@@ -145,7 +160,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
         log_level:str = "info",
         client_ip:str = "unknown"
     ) -> Response:
-        response = self._add_response_headers(request, response, request_timestamp, response_timestamp, process_time)
+        response = self._add_response_headers(request, authentication, response, request_timestamp, response_timestamp, process_time)
         log_func = getattr(self._logger, log_level)
         log_func(
             f"Request {authentication_info} | IP: {client_ip} | Host: {request.client.host} | Port: {request.client.port} | Method: {request.method} | URL: {request.url.path} | "
@@ -156,6 +171,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
     def _handle_exception(
         self,
         request:Request,
+        authentication:Authentication,
         authentication_info:str,
         error,
         request_timestamp:datetime,
@@ -183,7 +199,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             f"Headers: {dict(request.headers)} - Response | Status: 500 | Exception:\n{json.dumps(error_details, indent=4)}"
         )
 
-        return self._add_response_headers(request, response, request_timestamp, response_timestamp, process_time)
+        return self._add_response_headers(request, authentication, response, request_timestamp, response_timestamp, process_time)
 
     async def _request_processor(self, request:Request) -> Optional[Response]:
         return None
@@ -193,17 +209,21 @@ class BaseMiddleware(BaseHTTPMiddleware):
         request_timestamp = datetime.now(tz=timezone.utc) #* Record the request timestamp
         start_time = time.perf_counter() #* Record the start time
         client_ip = BaseExtractors.extract_client_ip(request) #* Get request IP with improved extraction
-        user:User = request.user
-        if not user.is_authenticated:
+        authentication = Authentication(
+            credentials=request.auth,
+            user=request.user
+        )
+        if not authentication.user.is_authenticated:
             authentication_info = "| Unauthenticated"
         else:
-            authentication_info = f"| Username: {user.display_name} | Email:{user.identity}"
+            authentication_info = f"| Username: {authentication.user.display_name} | Email:{authentication.user.identity}"
 
         try:
             #* 1. Rate limit check
             if self._check_rate_limit(client_ip):
                 return self._build_response(
                     request=request,
+                    authentication=authentication,
                     authentication_info=authentication_info,
                     response=JSONResponse(
                         content=BaseResponses.RateLimitExceeded().model_dump(),
@@ -221,6 +241,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             if pre_response is not None:
                 return self._build_response(
                     request=request,
+                    authentication=authentication,
                     authentication_info=authentication_info,
                     response=pre_response,
                     request_timestamp=request_timestamp,
@@ -234,6 +255,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             response = await call_next(request)
             response = self._build_response(
                 request=request,
+                authentication=authentication,
                 authentication_info=authentication_info,
                 response=response,
                 request_timestamp=request_timestamp,
@@ -248,6 +270,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
         except Exception as e:
             return self._handle_exception(
                 request=request,
+                authentication=authentication,
                 authentication_info=authentication_info,
                 error=e,
                 request_timestamp=request_timestamp,

maleo_foundation/models/transfers/general/token.py

@@ -27,7 +27,7 @@ class MaleoFoundationTokenGeneralTransfers:
 
     class EncodePayload(DecodePayload):
         iat_dt:datetime = Field(datetime.now(timezone.utc), description="Issued at (datetime)")
-        exp_in:int = Field(5, ge=5, description="Expires in (integer, minutes)", exclude=True)
+        exp_in:int = Field(15, ge=5, description="Expires in (integer, minutes)", exclude=True)
 
         @model_validator(mode="before")
         @classmethod

maleo_foundation/utils/dependencies/__init__.py

@@ -0,0 +1,5 @@
+from __future__ import annotations
+from .auth import AuthDependencies
+
+class BaseDependencies:
+    Auth = AuthDependencies

maleo_foundation/utils/dependencies/auth.py

@@ -0,0 +1,14 @@
+from fastapi import Security
+from fastapi.requests import Request
+from fastapi.security import HTTPAuthorizationCredentials
+from maleo_foundation.authentication import Authentication
+from maleo_foundation.authorization import TOKEN_SCHEME, Authorization
+
+class AuthDependencies:
+    @staticmethod
+    def authentication(request:Request) -> Authentication:
+        return Authentication(credentials=request.auth, user=request.user)
+
+    @staticmethod
+    def authorization(token:HTTPAuthorizationCredentials = Security(TOKEN_SCHEME)) -> Authorization:
+        return Authorization(token=token)

{maleo_foundation-0.2.7.dist-info → maleo_foundation-0.2.9.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: maleo_foundation
-Version: 0.2.7
+Version: 0.2.9
 Summary: Foundation package for Maleo
 Author-email: Agra Bima Yuda <agra@nexmedis.com>
 License: MIT

{maleo_foundation-0.2.7.dist-info → maleo_foundation-0.2.9.dist-info}/RECORD

@@ -1,5 +1,6 @@
 maleo_foundation/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-maleo_foundation/authentication.py,sha256=0HhZsmZM_oMiC71FpnTBLbx2sQzdsI-RgwNqvxvn5zg,1750
+maleo_foundation/authentication.py,sha256=kJfuRKgQY5cjmn0r36z4a4jF4bg7UifZ9D9mgMMnTsw,1840
+maleo_foundation/authorization.py,sha256=jTacP6xqs6zfzn7xeAD4MnLnyNvzvUQYSmoTnLD5I7s,255
 maleo_foundation/constants.py,sha256=aBmEfWlBqZxi0k-n6h2NM1YRLOjMnheEiLyQcjP-zCQ,1164
 maleo_foundation/enums.py,sha256=uvwl3dl2r6BoJMEbtSETiLoyJubHup9Lc7VOg7w7zQo,2943
 maleo_foundation/extended_types.py,sha256=pIKt-_9tby4rmune3fmWcCW_mohaNRh_1lywBmdc-L4,301
@@ -32,7 +33,7 @@ maleo_foundation/expanded_types/encryption/rsa.py,sha256=MuhB_DGrjnsl4t96W4pKuCt
 maleo_foundation/managers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 maleo_foundation/managers/db.py,sha256=Pn5EZ-c1Hy6-BihN7KokHJWmBIt3Ty96fZ0zF-srtF4,5208
 maleo_foundation/managers/middleware.py,sha256=ODIQU1Hpu-Xempjjo_VRbVtxiD5oi74mNuoWuDawRh0,4250
-maleo_foundation/managers/service.py,sha256=VggsQUS_i80_fGZYrErBALYXLLFx1JnE4prGJ0L6HjU,16240
+maleo_foundation/managers/service.py,sha256=MEAoL2zab3k0d894zwP4Sem3Na38jS2gFsAiEJUmXZM,16110
 maleo_foundation/managers/client/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 maleo_foundation/managers/client/base.py,sha256=5z9l2GN4QASF0-Lft8o5QQ3SRPXqeNZNT1S1CgaE764,4384
 maleo_foundation/managers/client/maleo.py,sha256=iCM47TLL-RSQ2FkTmHVPdsb2JCd1LebMx6OJvIr4vCQ,2035
@@ -40,8 +41,8 @@ maleo_foundation/managers/client/google/__init__.py,sha256=47DEQpj8HBSa-_TImW-5J
 maleo_foundation/managers/client/google/base.py,sha256=eIdd6C2BFIu4EyZ1j017VZaJn_nSTPGFftBwQmVAUDA,1366
 maleo_foundation/managers/client/google/secret.py,sha256=Ski1CHYeA8vjSk2Oc2Pf4CfFrzT_RcA6NEZwza7gM7Y,4464
 maleo_foundation/managers/client/google/storage.py,sha256=JFqXd9QgusT75KAWyWdin8V6BbbKcbBCrmWDpqg6i3Q,2530
-maleo_foundation/middlewares/authentication.py,sha256=hBGaMiCt0CnUw7sg4PZJ3kFJ0OVXvkOR5LhZcz9QUU8,3545
-maleo_foundation/middlewares/base.py,sha256=g4cg9gIUveK9zbjhwQtkdefhuoSlv9BUWVCFaSlOClw,13303
+maleo_foundation/middlewares/authentication.py,sha256=RWFjBciFVVyd-Dl-blFymwzS2F-fGXiN7E3W8a4nPy8,4414
+maleo_foundation/middlewares/base.py,sha256=q8RJJkq39QBqU43DkriJCJlri7S7RVIMsArzfcy7T5Q,14825
 maleo_foundation/middlewares/cors.py,sha256=9uvBvY2N6Vxa9RP_YtESxcWo6Doi6uS0lzAG9iLY7Uc,2288
 maleo_foundation/models/__init__.py,sha256=AaKehO7c1HyKhoTGRmNHDddSeBXkW-_YNrpOGBu8Ms8,246
 maleo_foundation/models/responses.py,sha256=iKJs9EFemCuUOc-IxEUwjX9RgNnPf-mw7yGheCGyVDA,4896
@@ -59,7 +60,7 @@ maleo_foundation/models/transfers/__init__.py,sha256=oJLJ3Geeme6vBw7R2Dhvdvg4ziV
 maleo_foundation/models/transfers/general/__init__.py,sha256=UPIE9l9XXCb6nWzaV3atMgbbCeBeRzsvFyROJuH2d2w,168
 maleo_foundation/models/transfers/general/key.py,sha256=tLKkXbwNu7Oc1MdKa8-Y7TlBAIk54h_02AmL5Yg2PrQ,751
 maleo_foundation/models/transfers/general/signature.py,sha256=J9xQy2HjpCQOnES7RJqsUnDgjFPuakQ1mxyfdTdstSE,297
-maleo_foundation/models/transfers/general/token.py,sha256=yj5wM9Wvc0BqyRRDtKiyaaLv-JQf51IIA604JWj-Cqw,2697
+maleo_foundation/models/transfers/general/token.py,sha256=77V2YBB-zQppIxFxxrtbHprGzBvGWbXv2Ie72NaoF60,2698
 maleo_foundation/models/transfers/parameters/__init__.py,sha256=oKW4RPIEISISRjsJzD8lsCGY1HhZRTzshPpWHcJu86k,353
 maleo_foundation/models/transfers/parameters/client.py,sha256=tn_Hwa-k-Utp5rODe7GylqZB8djIKKupgkUFscYCyLc,4059
 maleo_foundation/models/transfers/parameters/general.py,sha256=WoekZJCIoAllhXdRIJkNRdNq0QEIn0bteiHJLtzkCxU,579
@@ -98,6 +99,8 @@ maleo_foundation/utils/extractor.py,sha256=SZXVYDHWGaA-Dd1BUydwF2HHdZqexEielS4Cj
 maleo_foundation/utils/logging.py,sha256=W5Fhk_xAXVqSujaY8mv3hRH4wlQSpUn4ReuMoiKcQa4,7759
 maleo_foundation/utils/mergers.py,sha256=DniUu3Ot4qkYH_YSw4uD1cn9cfirum4S_Opp8fMkQwA,702
 maleo_foundation/utils/query.py,sha256=ODQ3adOYQNj5E2cRW9ytbjBz56nEDcnfq8mQ6YZbCCM,4375
+maleo_foundation/utils/dependencies/__init__.py,sha256=0KKGrdfj8Cc5A4SRk_ZBAxzOP795Mizdb4zIBh07KC4,122
+maleo_foundation/utils/dependencies/auth.py,sha256=E5DfxX7iN-R1vG1lAB9m_U1R52wcBhpVWknPEnZEM8Y,592
 maleo_foundation/utils/formatter/__init__.py,sha256=iKf5YCbEdg1qKnFHyKqqcQbqAqEeRUf8mhI3v3dQoj8,78
 maleo_foundation/utils/formatter/case.py,sha256=TmvvlfzGdC_omMTB5vAa40TZBxQ3hnr-SYeo0M52Rlg,1352
 maleo_foundation/utils/loaders/__init__.py,sha256=P_3ycGfeDXFjAi8bE4iLWHxBveqUIdpHgGv-klRWM3s,282
@@ -107,7 +110,7 @@ maleo_foundation/utils/loaders/credential/__init__.py,sha256=qopTKvcMVoTFwyRijeg
 maleo_foundation/utils/loaders/credential/google.py,sha256=deksZXT5wPhEsSMHbZ3x05WHXxCjLDt76Ns-1Tmhp7g,948
 maleo_foundation/utils/loaders/key/__init__.py,sha256=hVygcC2ImHc_aVrSrOmyedR8tMUZokWUKCKOSh5ctbo,106
 maleo_foundation/utils/loaders/key/rsa.py,sha256=gDhyX6iTFtHiluuhFCozaZ3pOLKU2Y9TlrNMK_GVyGU,3796
-maleo_foundation-0.2.7.dist-info/METADATA,sha256=VMS1nmB6vuioBkMlZiflqejZ9d0jPbvldXzjNM3HdCA,3418
-maleo_foundation-0.2.7.dist-info/WHEEL,sha256=DnLRTWE75wApRYVsjgc6wsVswC54sMSJhAEd4xhDpBk,91
-maleo_foundation-0.2.7.dist-info/top_level.txt,sha256=_iBos3F_bhEOdjOnzeiEYSrCucasc810xXtLBXI8cQc,17
-maleo_foundation-0.2.7.dist-info/RECORD,,
+maleo_foundation-0.2.9.dist-info/METADATA,sha256=6NtW8gRCicNq9xqXcJ_IRipxUY6cr85L7-Lq6ioRkxw,3418
+maleo_foundation-0.2.9.dist-info/WHEEL,sha256=Nw36Djuh_5VDukK0H78QzOX-_FQEo6V37m3nkm96gtU,91
+maleo_foundation-0.2.9.dist-info/top_level.txt,sha256=_iBos3F_bhEOdjOnzeiEYSrCucasc810xXtLBXI8cQc,17
+maleo_foundation-0.2.9.dist-info/RECORD,,

{maleo_foundation-0.2.7.dist-info → maleo_foundation-0.2.9.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.4.0)
+Generator: setuptools (80.7.1)
 Root-Is-Purelib: true
 Tag: py3-none-any