maleo-foundation 0.3.45__py3-none-any.whl → 0.3.47__py3-none-any.whl

maleo_foundation/middlewares/authentication.py

@@ -7,98 +7,73 @@ from maleo_foundation.authentication import Token, Credentials, User
 from maleo_foundation.enums import BaseEnums
 from maleo_foundation.client.manager import MaleoFoundationClientManager
 from maleo_foundation.models.schemas import BaseGeneralSchemas
-from maleo_foundation.models.transfers.parameters.token \
-    import MaleoFoundationTokenParametersTransfers
+from maleo_foundation.models.transfers.parameters.token import (
+    MaleoFoundationTokenParametersTransfers,
+)
 from maleo_foundation.utils.exceptions import BaseExceptions
-from maleo_foundation.utils.logging import MiddlewareLogger
+
 
 class Backend(AuthenticationBackend):
     def __init__(
         self,
         keys: BaseGeneralSchemas.RSAKeys,
-        maleo_foundation: MaleoFoundationClientManager
+        maleo_foundation: MaleoFoundationClientManager,
     ):
         super().__init__()
         self._keys = keys
         self._maleo_foundation = maleo_foundation
 
-    async def authenticate(
-        self,
-        conn: HTTPConnection
-    ) -> Tuple[Credentials, User]:
+    async def authenticate(self, conn: HTTPConnection) -> Tuple[Credentials, User]:
         if "Authorization" in conn.headers:
             auth = conn.headers["Authorization"]
             parts = auth.split()
             if len(parts) != 2 or parts[0] != "Bearer":
                 raise AuthenticationError("Invalid Authorization header format")
             scheme, token = parts
-            if scheme != 'Bearer':
+            if scheme != "Bearer":
                 raise AuthenticationError("Authorization scheme must be Bearer token")
 
-            #* Decode token
-            decode_token_parameters = (
-                MaleoFoundationTokenParametersTransfers
-                .Decode(key=self._keys.public, token=token)
+            # * Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(
+                key=self._keys.public, token=token
             )
-            decode_token_result = (
-                self._maleo_foundation.services.token
-                .decode(parameters=decode_token_parameters)
+            decode_token_result = self._maleo_foundation.services.token.decode(
+                parameters=decode_token_parameters
             )
-            if decode_token_result.success:
+            if decode_token_result.success and decode_token_result.data is not None:
                 type = BaseEnums.TokenType.ACCESS
                 payload = decode_token_result.data
-                token = Token(
-                    type=type,
-                    payload=payload
-                )
+                token = Token(type=type, payload=payload)
                 return (
-                    Credentials(
-                        token=token,
-                        scopes=["authenticated", payload.sr]
-                    ),
-                    User(
-                        authenticated=True,
-                        username=payload.u_u,
-                        email=payload.u_e
-                    )
+                    Credentials(token=token, scopes=["authenticated", payload.sr]),
+                    User(authenticated=True, username=payload.u_u, email=payload.u_e),
                 )
 
         if "token" in conn.cookies:
             token = conn.cookies["token"]
-            #* Decode token
-            decode_token_parameters = (
-                MaleoFoundationTokenParametersTransfers
-                .Decode(key=self._keys.public, token=token)
+            # * Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(
+                key=self._keys.public, token=token
             )
-            decode_token_result = (
-                self._maleo_foundation.services.token
-                .decode(parameters=decode_token_parameters)
+            decode_token_result = self._maleo_foundation.services.token.decode(
+                parameters=decode_token_parameters
             )
-            if decode_token_result.success:
+            if decode_token_result.success and decode_token_result.data is not None:
                 type = BaseEnums.TokenType.REFRESH
                 payload = decode_token_result.data
-                token = Token(
-                    type=type,
-                    payload=payload
-                )
+                token = Token(type=type, payload=payload)
                 return (
-                    Credentials(
-                        token=token,
-                        scopes=["authenticated", payload.sr]
-                    ),
-                    User(
-                        authenticated=True,
-                        username=payload.u_u,
-                        email=payload.u_e
-                    )
+                    Credentials(token=token, scopes=["authenticated", payload.sr]),
+                    User(authenticated=True, username=payload.u_u, email=payload.u_e),
                 )
 
         return Credentials(), User(authenticated=False)
 
+
 def add_authentication_middleware(
     app: FastAPI,
     keys: BaseGeneralSchemas.RSAKeys,
-    maleo_foundation: MaleoFoundationClientManager
+    maleo_foundation: MaleoFoundationClientManager,
 ) -> None:
     """
     Adds Authentication middleware to the FastAPI application.
@@ -125,5 +100,5 @@ def add_authentication_middleware(
     app.add_middleware(
         AuthenticationMiddleware,
         backend=Backend(keys, maleo_foundation),
-        on_error=BaseExceptions.authentication_error_handler
-    )
+        on_error=BaseExceptions.authentication_error_handler,  # type: ignore
+    )

maleo_foundation/middlewares/base.py

@@ -9,15 +9,22 @@ from typing import Awaitable, Callable, Optional, Sequence, Dict, List
 from fastapi import FastAPI, Request, Response, status
 from fastapi.responses import JSONResponse
 from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
+from starlette.types import ASGIApp
 
 from maleo_foundation.authentication import Authentication
 from maleo_foundation.enums import BaseEnums
 from maleo_foundation.client.manager import MaleoFoundationClientManager
 from maleo_foundation.models.schemas import BaseGeneralSchemas
 from maleo_foundation.models.responses import BaseResponses
-from maleo_foundation.models.transfers.general.token import MaleoFoundationTokenGeneralTransfers
-from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
-from maleo_foundation.models.transfers.parameters.signature import MaleoFoundationSignatureParametersTransfers
+from maleo_foundation.models.transfers.general.token import (
+    MaleoFoundationTokenGeneralTransfers,
+)
+from maleo_foundation.models.transfers.parameters.token import (
+    MaleoFoundationTokenParametersTransfers,
+)
+from maleo_foundation.models.transfers.parameters.signature import (
+    MaleoFoundationSignatureParametersTransfers,
+)
 from maleo_foundation.models.transfers.general.request import RequestContext
 from maleo_foundation.utils.extractor import extract_request_context
 from maleo_foundation.utils.logging import MiddlewareLogger
@@ -25,6 +32,7 @@ from maleo_foundation.utils.logging import MiddlewareLogger
 RequestProcessor = Callable[[Request], Awaitable[Optional[Response]]]
 ResponseProcessor = Callable[[Response], Awaitable[Response]]
 
+
 class RateLimiter:
     """Thread-safe rate limiter with automatic cleanup."""
 
@@ -33,21 +41,18 @@ class RateLimiter:
         limit: int,
         window: timedelta,
         ip_timeout: timedelta,
-        cleanup_interval: timedelta
+        cleanup_interval: timedelta,
     ):
         self.limit = limit
         self.window = window
         self.ip_timeout = ip_timeout
         self.cleanup_interval = cleanup_interval
-        self._requests:Dict[str, List[datetime]] = defaultdict(list)
-        self._last_seen:Dict[str, datetime] = {}
+        self._requests: Dict[str, List[datetime]] = defaultdict(list)
+        self._last_seen: Dict[str, datetime] = {}
         self._last_cleanup = datetime.now()
         self._lock = threading.RLock()
 
-    def is_rate_limited(
-        self,
-        request_context: RequestContext
-    ) -> bool:
+    def is_rate_limited(self, request_context: RequestContext) -> bool:
         """Check if client IP is rate limited and record the request."""
         with self._lock:
             now = datetime.now()
@@ -56,7 +61,8 @@ class RateLimiter:
 
             # Remove old requests outside the window
             self._requests[client_ip] = [
-                timestamp for timestamp in self._requests[client_ip]
+                timestamp
+                for timestamp in self._requests[client_ip]
                 if now - timestamp <= self.window
             ]
 
@@ -68,10 +74,7 @@ class RateLimiter:
             self._requests[client_ip].append(now)
             return False
 
-    def cleanup_old_data(
-        self,
-        logger: MiddlewareLogger
-    ) -> None:
+    def cleanup_old_data(self, logger: MiddlewareLogger) -> None:
         """Clean up old request data to prevent memory growth."""
         now = datetime.now()
         if now - self._last_cleanup <= self.cleanup_interval:
@@ -102,13 +105,14 @@ class RateLimiter:
                 f"Current tracked IPs: {len(self._requests)}"
             )
 
+
 class ResponseBuilder:
     """Handles response building and header management."""
 
     def __init__(
         self,
         keys: BaseGeneralSchemas.RSAKeys,
-        maleo_foundation: MaleoFoundationClientManager
+        maleo_foundation: MaleoFoundationClientManager,
     ):
         self.keys = keys
         self.maleo_foundation = maleo_foundation
@@ -119,7 +123,7 @@ class ResponseBuilder:
         response: Response,
         request_context: RequestContext,
         responded_at: datetime,
-        process_time: float
+        process_time: float,
     ) -> Response:
         """Add custom headers to response."""
         # Basic headers
@@ -129,7 +133,9 @@ class ResponseBuilder:
         response.headers["X-Responded-At"] = responded_at.isoformat()
 
         # Add signature header
-        self._add_signature_header(response, request_context, responded_at, process_time)
+        self._add_signature_header(
+            response, request_context, responded_at, process_time
+        )
 
         # Add new authorization header if needed
         self._add_new_authorization_header(request_context, authentication, response)
@@ -141,7 +147,7 @@ class ResponseBuilder:
         response: Response,
         request_context: RequestContext,
         responded_at: datetime,
-        process_time: float
+        process_time: float,
     ) -> None:
         """Generate and add signature header."""
         message = (
@@ -150,57 +156,61 @@ class ResponseBuilder:
         )
 
         sign_parameters = MaleoFoundationSignatureParametersTransfers.Sign(
-            key=self.keys.private,
-            password=self.keys.password,
-            message=message
+            key=self.keys.private, password=self.keys.password, message=message
         )
 
-        sign_result = self.maleo_foundation.services.signature.sign(parameters=sign_parameters)
-        if sign_result.success:
+        sign_result = self.maleo_foundation.services.signature.sign(
+            parameters=sign_parameters
+        )
+        if sign_result.success and sign_result.data is not None:
             response.headers["X-Signature"] = sign_result.data.signature
 
     def _add_new_authorization_header(
         self,
-        request_context:RequestContext,
-        authentication:Authentication,
-        response:Response
+        request_context: RequestContext,
+        authentication: Authentication,
+        response: Response,
     ) -> None:
         """Add new authorization header for refresh tokens."""
         if not self._should_regenerate_auth(request_context, authentication, response):
             return
 
+        if authentication.credentials.token is None:
+            return
+
         payload = MaleoFoundationTokenGeneralTransfers.BaseEncodePayload.model_validate(
             authentication.credentials.token.payload.model_dump()
         )
 
         parameters = MaleoFoundationTokenParametersTransfers.Encode(
-            key=self.keys.private,
-            password=self.keys.password,
-            payload=payload
+            key=self.keys.private, password=self.keys.password, payload=payload
         )
 
         result = self.maleo_foundation.services.token.encode(parameters=parameters)
-        if result.success:
+        if result.success and result.data is not None:
             response.headers["X-New-Authorization"] = result.data.token
 
     def _should_regenerate_auth(
         self,
         request_context: RequestContext,
         authentication: Authentication,
-        response: Response
+        response: Response,
     ) -> bool:
         """Check if authorization should be regenerated."""
-        return (
-            authentication.user.is_authenticated
-            and authentication.credentials.token.type == BaseEnums.TokenType.REFRESH
-            and 200 <= response.status_code < 300
-            and "logout" not in request_context.url
-        )
+        if authentication.credentials.token is not None:
+            return (
+                authentication.user.is_authenticated
+                and authentication.credentials.token.type == BaseEnums.TokenType.REFRESH
+                and 200 <= response.status_code < 300
+                and "logout" not in request_context.url
+            )
+        return False
+
 
 class RequestLogger:
     """Handles request/response logging."""
 
-    def __init__(self, logger:MiddlewareLogger):
+    def __init__(self, logger: MiddlewareLogger):
         self.logger = logger
 
     def log_request_response(
@@ -208,7 +218,7 @@ class RequestLogger:
         authentication: Authentication,
         response: Response,
         request_context: RequestContext,
-        log_level: str = "info"
+        log_level: str = "info",
     ) -> None:
         """Log request and response details."""
         authentication_info = self._get_authentication_info(authentication)
@@ -221,12 +231,12 @@ class RequestLogger:
             f"Query Parameters: {request_context.query_params} - "
             f"Response | Status: {response.status_code}"
         )
-    
+
     def log_exception(
         self,
         authentication: Authentication,
         error: Exception,
-        request_context: RequestContext
+        request_context: RequestContext,
     ) -> None:
         """Log exception details."""
         authentication_info = self._get_authentication_info(authentication)
@@ -234,7 +244,7 @@ class RequestLogger:
         error_details = {
             "request_context": request_context.model_dump(mode="json"),
             "error": str(error),
-            "traceback": traceback.format_exc().split("\n")
+            "traceback": traceback.format_exc().split("\n"),
         }
 
         self.logger.error(
@@ -245,16 +255,19 @@ class RequestLogger:
             f"Response | Status: 500 | Exception:\n{json.dumps(error_details, indent=4)}"
         )
 
-    def _get_authentication_info(self, authentication:Authentication) -> str:
+    def _get_authentication_info(self, authentication: Authentication) -> str:
         """Get authentication info string."""
         if not authentication.user.is_authenticated:
             return "| Unauthenticated"
 
-        return (
-            f"| Token type: {authentication.credentials.token.type} | "
-            f"Username: {authentication.user.display_name} | "
-            f"Email: {authentication.user.identity}"
-        )
+        if authentication.credentials.token is not None:
+            return (
+                f"| Token type: {authentication.credentials.token.type} | "
+                f"Username: {authentication.user.display_name} | "
+                f"Email: {authentication.user.identity}"
+            )
+
+        return "| Unauthenticated"
 
 
 class BaseMiddleware(BaseHTTPMiddleware):
@@ -262,7 +275,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
 
     def __init__(
         self,
-        app: FastAPI,
+        app: ASGIApp,
         keys: BaseGeneralSchemas.RSAKeys,
         logger: MiddlewareLogger,
         maleo_foundation: MaleoFoundationClientManager,
@@ -273,7 +286,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
         limit: int = 10,
         window: int = 1,
         cleanup_interval: int = 60,
-        ip_timeout: int = 300
+        ip_timeout: int = 300,
     ):
         super().__init__(app)
 
@@ -282,23 +295,21 @@ class BaseMiddleware(BaseHTTPMiddleware):
             limit=limit,
             window=timedelta(seconds=window),
             ip_timeout=timedelta(seconds=ip_timeout),
-            cleanup_interval=timedelta(seconds=cleanup_interval)
+            cleanup_interval=timedelta(seconds=cleanup_interval),
         )
         self.response_builder = ResponseBuilder(keys, maleo_foundation)
         self.request_logger = RequestLogger(logger)
 
         # CORS settings (if needed)
         self.cors_config = {
-            'allow_origins': allow_origins,
-            'allow_methods': allow_methods,
-            'allow_headers': allow_headers,
-            'allow_credentials': allow_credentials,
+            "allow_origins": allow_origins,
+            "allow_methods": allow_methods,
+            "allow_headers": allow_headers,
+            "allow_credentials": allow_credentials,
         }
 
     async def dispatch(
-        self,
-        request: Request,
-        call_next: RequestResponseEndpoint
+        self, request: Request, call_next: RequestResponseEndpoint
     ) -> Response:
         """Main middleware dispatch method."""
         # Setup
@@ -333,7 +344,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
                 authentication, e, request_context, start_time
             )
 
-    async def _request_processor(self, request:Request) -> Optional[Response]:
+    async def _request_processor(self, request: Request) -> Optional[Response]:
         """Override this method for custom request preprocessing."""
         return None
 
@@ -341,14 +352,14 @@ class BaseMiddleware(BaseHTTPMiddleware):
         self,
         authentication: Authentication,
         request_context: RequestContext,
-        start_time: float
+        start_time: float,
     ) -> Response:
         """Create rate limit exceeded response."""
         response = JSONResponse(
-            content=BaseResponses.RateLimitExceeded().model_dump(),
+            content=BaseResponses.RateLimitExceeded().model_dump(),  # type: ignore
             status_code=status.HTTP_429_TOO_MANY_REQUESTS,
         )
-        
+
         return self._build_final_response(
             authentication, response, request_context, start_time, log_level="warning"
         )
@@ -359,12 +370,12 @@ class BaseMiddleware(BaseHTTPMiddleware):
         response: Response,
         request_context: RequestContext,
         start_time: float,
-        log_level: str = "info"
+        log_level: str = "info",
     ) -> Response:
         """Build final response with headers and logging."""
         responded_at = datetime.now(tz=timezone.utc)
         process_time = time.perf_counter() - start_time
-        
+
         # Add headers
         response = self.response_builder.add_response_headers(
             authentication, response, request_context, responded_at, process_time
@@ -382,20 +393,20 @@ class BaseMiddleware(BaseHTTPMiddleware):
         authentication: Authentication,
         error: Exception,
         request_context: RequestContext,
-        start_time: float
+        start_time: float,
     ) -> Response:
         """Handle exceptions and create error response."""
         responded_at = datetime.now(tz=timezone.utc)
         process_time = time.perf_counter() - start_time
-        
+
         response = JSONResponse(
-            content=BaseResponses.ServerError().model_dump(),
+            content=BaseResponses.ServerError().model_dump(),  # type: ignore
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
         )
 
         # Log exception
         self.request_logger.log_exception(authentication, error, request_context)
-        
+
         # Add headers
         return self.response_builder.add_response_headers(
             authentication, response, request_context, responded_at, process_time
@@ -414,7 +425,7 @@ def add_base_middleware(
     limit: int = 10,
     window: int = 1,
     cleanup_interval: int = 60,
-    ip_timeout: int = 300
+    ip_timeout: int = 300,
 ) -> None:
     """
     Add Base middleware to the FastAPI application.
@@ -459,5 +470,5 @@ def add_base_middleware(
         limit=limit,
         window=window,
         cleanup_interval=cleanup_interval,
-        ip_timeout=ip_timeout
-    )
+        ip_timeout=ip_timeout,
+    )

maleo_foundation/middlewares/cors.py

@@ -2,18 +2,19 @@ from fastapi import FastAPI
 from fastapi.middleware.cors import CORSMiddleware
 from typing import Sequence
 
+
 def add_cors_middleware(
     app: FastAPI,
     allow_origins: Sequence[str] = (),
     allow_methods: Sequence[str] = ("GET",),
     allow_headers: Sequence[str] = (),
     allow_credentials: bool = False,
-    expose_headers: Sequence[str] = ()
+    expose_headers: Sequence[str] = (),
 ) -> None:
     """
     Adds CORS (Cross-Origin Resource Sharing) middleware to the FastAPI application.
 
-    This middleware allows the server to handle requests from different origins, 
+    This middleware allows the server to handle requests from different origins,
     which is essential for enabling communication between the backend and frontend hosted on different domains.
 
     Args:
@@ -21,15 +22,15 @@ def add_cors_middleware(
             The FastAPI application instance to which the middleware will be added.
 
         allow_origins: Sequence[str]
-            A Sequence of allowed origins (e.g., ["http://localhost:3000", "https://example.com"]). 
+            A Sequence of allowed origins (e.g., ["http://localhost:3000", "https://example.com"]).
             Use ["*"] to allow requests from any origin.
 
         allow_methods: Sequence[str]
-            A Sequence of allowed HTTP methods (e.g., ["GET", "POST", "PUT", "DELETE"]). 
+            A Sequence of allowed HTTP methods (e.g., ["GET", "POST", "PUT", "DELETE"]).
             Use ["*"] to allow all methods.
 
         allow_headers: Sequence[str]
-            A Sequence of allowed request headers (e.g., ["Authorization", "Content-Type"]). 
+            A Sequence of allowed request headers (e.g., ["Authorization", "Content-Type"]).
             Use ["*"] to allow all headers.
 
         allow_credentials: bool
@@ -59,5 +60,5 @@ def add_cors_middleware(
         allow_methods=allow_methods,
         allow_headers=allow_headers,
         allow_credentials=allow_credentials,
-        expose_headers=expose_headers
-    )
+        expose_headers=expose_headers,
+    )

maleo_foundation/models/__init__.py

@@ -3,7 +3,8 @@ from .schemas import BaseSchemas
 from .transfers import BaseTransfers
 from .responses import BaseResponses
 
+
 class BaseModels:
     Schemas = BaseSchemas
     Transfers = BaseTransfers
-    Responses = BaseResponses
+    Responses = BaseResponses