masonite-framework 5.0.0__py3-none-any.whl

masonite/__init__.py

@@ -0,0 +1 @@
+__version__ = "5.0.0"

masonite/api/Api.py

@@ -0,0 +1,98 @@
+import jwt
+import pendulum
+from ..routes import Route
+from .controllers import AuthenticationController
+from ..utils.str import random_string
+
+
+class Api:
+    def __init__(self, application, driver_config=None):
+        self.application = application
+
+    def set_configuration(self, config):
+        self.config = config
+        return self
+
+    def generate_token(self):
+        secret = self.config.get("jwt").get("secret")
+        algorithm = self.config.get("jwt").get("algorithm")
+        expire_minutes = self.config.get("jwt").get("expires")
+        version = self.config.get("jwt").get("version")
+        if expire_minutes:
+            expire_minutes = (
+                pendulum.now(tz="UTC").add(minutes=expire_minutes).to_datetime_string()
+            )
+        token = jwt.encode(
+            {"expires": expire_minutes, "version": version, "random": random_string(10)}, secret, algorithm=algorithm
+        )
+
+        return token
+
+    def get_token(self):
+        request = self.application.make("request")
+        token = request.input("token")
+
+        if token:
+            return token
+
+        header = request.header("Authorization")
+
+        if header:
+            return header.replace("Bearer ", "")
+
+    def validate_token(self, token):
+        secret = self.config.get("jwt").get("secret")
+        algorithm = self.config.get("jwt").get("algorithm")
+        expire_minutes = self.config.get("jwt").get("expires")
+        authenticates = self.config.get("jwt").get("authenticates")
+        version = self.config.get("jwt").get("version")
+        if expire_minutes:
+            expire_minutes = (
+                pendulum.now(tz="UTC").add(minutes=expire_minutes).to_datetime_string()
+            )
+
+        try:
+            unencrypted_token = jwt.decode(token, secret, algorithms=[algorithm])
+        except (jwt.InvalidSignatureError, jwt.DecodeError):
+            return False
+        expires = unencrypted_token.get("expires")
+
+        if version:
+            if unencrypted_token["version"] != version:
+                return False
+
+        if authenticates:
+            return self.attempt_by_token(token)
+
+        if not expires:
+            return True
+
+        expired = pendulum.parse(expires, tz="UTC").is_past()
+
+        if expired:
+            return False
+
+        return True
+
+    def regenerate_token(self, token):
+        # if the token can be decoded, regenerate new token
+        secret = self.config.get("jwt").get("secret")
+        algorithm = self.config.get("jwt").get("algorithm")
+        try:
+            jwt.decode(token, secret, algorithms=[algorithm])
+            return self.generate_token()
+        except jwt.DecodeError:
+            pass
+
+        return False
+
+    def attempt_by_token(self, token):
+        model = self.config.get("jwt").get("model")()
+        return model.attempt_by_token(token)
+
+    @classmethod
+    def routes(cls, auth_route="/api/auth", reauth_route="/api/reauth"):
+        return [
+            Route.post("/api/auth", AuthenticationController.auth),
+            Route.post("/api/reauth", AuthenticationController.reauth),
+        ]

masonite/api/__init__.py

@@ -0,0 +1 @@
+from .Api import Api

masonite/api/authentication/AuthenticatesTokens.py

@@ -0,0 +1,16 @@
+from ..facades import Api
+
+
+class AuthenticatesTokens:
+
+    __TOKEN_COLUMN__ = "api_token"
+
+    def generate_jwt(self):
+        token = Api.generate_token()
+
+        setattr(self, self.__TOKEN_COLUMN__, token)
+        self.save()
+        return token
+
+    def attempt_by_token(self, token):
+        return self.where(self.__TOKEN_COLUMN__, token).first()

masonite/api/authentication/__init__.py

@@ -0,0 +1 @@
+from .AuthenticatesTokens import AuthenticatesTokens

masonite/api/commands/APIInstallCommand.py

@@ -0,0 +1,55 @@
+"""Scaffold Auth Command."""
+import os
+from ...utils.filesystem import render_stub_file, get_module_dir
+from ...utils.location import config_path
+from ...utils.str import random_string
+
+
+from ...commands.Command import Command
+
+
+class APIInstallCommand(Command):
+    """
+    Adds required files for building API's
+
+    api:install
+        {--f|force=? : Force overriding file if already exists}
+    """
+
+    def __init__(self, application):
+        super().__init__()
+        self.app = application
+
+    def handle(self):
+        stub_path = self.get_stub_config_path()
+
+        content = render_stub_file(stub_path, "api.py")
+
+        path = config_path("api.py")
+        if os.path.exists(path) and not self.option("force"):
+            self.warning(
+                f"{path} already exists! Run the command with -f (force) to override."
+            )
+            return -1
+
+        with open(path, "w") as f:
+            f.write(content)
+
+        if os.path.exists(path) and not self.option("force"):
+            self.warning(
+                f"{path} already exists! Run the command with -f (force) to override."
+            )
+            return -1
+
+        with open(path, "w") as f:
+            f.write(content)
+
+        secret = random_string(25)
+
+        self.info(f"API Installed: ({config_path('api.py', absolute=False)})")
+        self.info(
+            f"JWT Secret Key Is: {secret}. You should store this in an environment variable called JWT_SECRET."
+        )
+
+    def get_stub_config_path(self):
+        return os.path.join(get_module_dir(__file__), "../stubs/api.py")

masonite/api/controllers/AuthenticationController.py

@@ -0,0 +1,27 @@
+from ...controllers import Controller
+from ...request import Request
+from ...response import Response
+from ...authentication import Auth
+from ..facades import Api
+
+
+class AuthenticationController(Controller):
+    def auth(self, auth: Auth, request: Request, response: Response):
+        user = auth.attempt(request.input("username"), request.input("password"))
+
+        if user:
+            return {"data": user.generate_jwt()}
+
+        return response.json(
+            {"message": "Could not find username or password"}, status="403"
+        )
+
+    def reauth(self, request: Request, response: Response):
+        user = Api.attempt_by_token(request.input("token"))
+
+        if user:
+            return {"data": user.generate_jwt()}
+
+        return response.json(
+            {"message": "Could not reauthenticate based on given token."}, status="403"
+        )

masonite/api/controllers/__init__.py

@@ -0,0 +1 @@
+from .AuthenticationController import AuthenticationController

masonite/api/facades/Api.py

@@ -0,0 +1,5 @@
+from ...facades.Facade import Facade
+
+
+class Api(metaclass=Facade):
+    key = "api"

masonite/api/facades/__init__.py

@@ -0,0 +1 @@
+from .Api import Api

masonite/api/guards/JWTGuard.py

@@ -0,0 +1,65 @@
+from ..facades import Api
+
+
+class JWTGuard:
+    def __init__(self, application):
+        self.application = application
+        self.connection = None
+
+    def set_options(self, options):
+        self.options = options
+        return self
+
+    def attempt(self, username, password):
+        attempt = self.options.get("model")().attempt(username, password)
+        if attempt:
+            return attempt
+
+    def get_auth_column(self, username):
+        return self.options.get("model")().get_auth_column(username)
+
+    def register(self, dictionary):
+        try:
+            register = self.options.get("model")().register(dictionary)
+        except Exception:
+            return False
+        return self.attempt_by_id(register.get_id())
+
+    def user(self):
+        """Get the currently logged in user.
+
+        Returns:
+            object|bool -- Returns the current authenticated user object or False or None if there is none.
+        """
+        # token = self.application.make("request").cookie("token")
+        token = Api.get_token()
+        if token and self.options.get("model")():
+            return self.options.get("model")().attempt_by_token(token) or False
+
+        return False
+
+    def attempt_by_id(self, user_id):
+        """Login a user by the user ID.
+
+        Arguments:
+            user_id {string|int} -- The ID of the user model record.
+
+        Returns:
+            object|False -- Returns the current authenticated user object or False or None if there is none.
+        """
+        attempt = self.options.get("model")().attempt_by_id(user_id)
+
+        if attempt and not self.options.get("once"):
+            self.application.make("request").set_user(attempt)
+            return attempt
+
+        return False
+
+    def once(self):
+        """Log in the user without saving a cookie.
+
+        Returns:
+            self
+        """
+        self._once = True
+        return self

masonite/api/guards/__init__.py

@@ -0,0 +1 @@
+from .JWTGuard import JWTGuard

masonite/api/middleware/JWTAuthenticationMiddleware.py

@@ -0,0 +1,24 @@
+from masonite.middleware import Middleware
+
+from masonite.api.facades import Api
+
+
+class JWTAuthenticationMiddleware(Middleware):
+    def before(self, request, response):
+        token = Api.get_token()
+        if not token:
+            return response.json(
+                {"message": "Authentication token missing"}, status="401"
+            )
+
+        # Check token is not expired
+        validate = Api.validate_token(token)
+        if not validate:
+            return response.json(
+                {"message": "Token invalid. Try reauthenticating."}, status=401
+            )
+
+        return request
+
+    def after(self, request, response):
+        pass

masonite/api/middleware/__init__.py

@@ -0,0 +1 @@
+from .JWTAuthenticationMiddleware import JWTAuthenticationMiddleware

masonite/api/providers/ApiProvider.py

@@ -0,0 +1,29 @@
+from ..guards import JWTGuard
+from ..commands.APIInstallCommand import APIInstallCommand
+from ...configuration.helpers import config
+from ...providers import Provider
+from ..Api import Api
+
+from ...routes import Route
+from ...utils.structures import load
+
+
+class ApiProvider(Provider):
+    def __init__(self, application):
+        self.application = application
+
+    def register(self):
+        api = Api(self.application).set_configuration(config("api.drivers"))
+        self.application.bind("api", api)
+        self.application.make("router").add(
+            Route.group(
+                load(self.application.make("routes.api.location"), "ROUTES"),
+                middleware=["api"],
+                prefix="/api",
+            )
+        )
+        self.application.make("commands").add(APIInstallCommand(self.application))
+        self.application.make("auth").add_guard("jwt", JWTGuard(self.application))
+
+    def boot(self):
+        pass

masonite/api/providers/__init__.py

@@ -0,0 +1 @@
+from .ApiProvider import ApiProvider

masonite/api/stubs/api.py

@@ -0,0 +1,15 @@
+"""API Config"""
+from masonite.environment import env
+
+from app.models.User import User
+
+DRIVERS = {
+    "jwt": {
+        "algorithm": "HS512",
+        "secret": env("JWT_SECRET"),
+        "model": User,
+        "expires": None,
+        "authenticates": False,
+        "version": None,
+    }
+}

masonite/auth/MustVerifyEmail.py

@@ -0,0 +1,26 @@
+"""Verify Email Module."""
+
+import time
+
+from ..auth.Sign import Sign
+
+
+class MustVerifyEmail:
+    """Class To Verify User Email."""
+
+    def verify_email(self, mail_manager, request):
+        """Sends email for user verification
+
+        Arguments:
+            mail_manager {masonite.managers.MailManager} -- Masonite mail manager class.
+            request {masonite.request.Request} -- Masonite request class.
+        """
+        mail = mail_manager.helper()
+        sign = Sign()
+
+        token = sign.sign("{0}::{1}".format(self.id, time.time()))
+        link = "{0}/email/verify/{1}".format(request.environ["HTTP_HOST"], token)
+
+        mail.to(self.email).template(
+            "auth/verifymail", {"name": self.name, "email": self.email, "link": link}
+        ).subject("Please Confirm Your Email").send()

masonite/auth/Sign.py

@@ -0,0 +1,76 @@
+"""Cryptographic Signing Module."""
+import binascii
+
+from cryptography.fernet import Fernet, InvalidToken as CryptographyInvalidToken
+
+from ..exceptions import InvalidSecretKey, InvalidToken
+
+
+class Sign:
+    """Cryptographic signing class."""
+
+    def __init__(self, key=None):
+        """Sign constructor.
+
+        Keyword Arguments:
+            key {string} -- The secret key to use. If nothing is passed it then it will use
+                            the secret key from the config file. (default: {None})
+
+        Raises:
+            InvalidSecretKey -- Thrown if the secret key does not exist.
+        """
+        if key:
+            self.key = key
+        else:
+            from wsgi import application
+
+            self.key = application.make("key")
+
+        if not self.key:
+            raise InvalidSecretKey(
+                "The encryption key passed in is: None. Be sure there is a secret key present in your .env file or your config/application.py file."
+            )
+
+        self.encryption = None
+
+    def sign(self, value):
+        """Sign a value using the secret key.
+
+        Arguments:
+            value {string} -- The value to be encrypted.
+
+        Returns:
+            string -- Returns the encrypted value.
+
+        Raises:
+            InvalidSecretKey -- Thrown if the secret key has incorrect padding.
+        """
+        try:
+            f = Fernet(self.key)
+        except (binascii.Error, ValueError):
+            raise InvalidSecretKey(
+                "You have passed an invalid secret key of: {}. Make sure you have correctly added your secret key.".format(
+                    self.key
+                )
+            )
+
+        self.encryption = f.encrypt(bytes(str(value), "utf-8"))
+        return self.encryption.decode("utf-8")
+
+    def unsign(self, value=None):
+        """Unsign the value using the secret key.
+
+        Keyword Arguments:
+            value {string} -- The value to be unencrypted. (default: {None})
+
+        Returns:
+            string -- Returns the unencrypted value.
+        """
+        f = Fernet(self.key)
+
+        if not value:
+            return f.decrypt(self.encryption).decode("utf-8")
+        try:
+            return f.decrypt(bytes(str(value), "utf-8")).decode("utf-8")
+        except CryptographyInvalidToken as e:
+            raise InvalidToken("Invalid Cryptographic Token") from e

masonite/auth/__init__.py

@@ -0,0 +1,2 @@
+from .Sign import Sign
+from .MustVerifyEmail import MustVerifyEmail

masonite/authentication/Auth.py

@@ -0,0 +1,195 @@
+import pendulum
+import uuid
+from ..routes import Route
+
+
+class Auth:
+    def __init__(self, application, guard_config=None):
+        self.application = application
+        self.guards = {}
+        self._guard = None
+        self.guard_config = guard_config or {}
+        self.options = {}
+
+        self._user = None
+
+    def add_guard(self, name, guard):
+        self.guards.update({name: guard})
+
+    def set_configuration(self, config):
+        self.guard_config = config
+        return self
+
+    def guard(self, guard):
+        self._guard = guard
+        return self
+
+    def get_guard(self, name=None):
+        if name is None and self._guard is None:
+            return self.guards[self.guard_config.get("default")]
+
+        return self.guards[self._guard]
+
+    def get_config_options(self, guard=None):
+        if guard is None:
+            options = self.guard_config.get(self.guard_config.get("default"), {})
+            options.update(self.options)
+            return options
+
+        options = self.guard_config.get(guard, {})
+        options.update(self.options)
+        return options
+
+    def attempt(self, email, password, once=False):
+        auth_config = self.get_config_options()
+        auth_config.update({"once": once})
+        user = self.get_guard().set_options(auth_config).attempt(email, password)
+        self.set_user(user)
+        return user
+
+    def attempt_by_id(self, user_id, once=False):
+        auth_config = self.get_config_options()
+        auth_config.update({"once": once})
+        user = self.get_guard().set_options(auth_config).attempt_by_id(user_id)
+        self.set_user(user)
+        return user
+
+    def logout(self):
+        """Logout the current authenticated user.
+
+        Returns:
+            self
+        """
+        self.application.make("request").remove_user()
+        self.application.make("response").delete_cookie("token")
+        self.get_guard().set_options(self.get_config_options()).logout()
+        self._user = None
+
+    def user(self):
+        """Get the current authenticated user.
+
+        Returns:
+            self
+        """
+        if self._user:
+            return self._user
+        return self.get_guard().set_options(self.get_config_options()).user()
+
+    def register(self, dictionary):
+        """Logout the current authenticated user.
+
+        Returns:
+            self
+        """
+        auth_config = self.get_config_options()
+        return self.get_guard().set_options(auth_config).register(dictionary)
+
+    def set_user(self, user):
+        self._user = user
+        return self
+
+    def password_reset(self, email):
+        """Logout the current authenticated user.
+
+        Returns:
+            self
+        """
+        token = str(uuid.uuid4())
+        auth_config = self.get_config_options()
+        auth = self.get_guard().set_options(auth_config).get_auth_column(email)
+        if not auth:
+            return (None, None)
+        try:
+            existing = (
+                self.application.make("builder")
+                .new()
+                .table(self.guard_config.get("password_reset_table"))
+                .where("email", email)
+                .first()
+            )
+            if existing:
+                token = existing["token"]
+            else:
+                self.application.make("builder").new().table(
+                    self.guard_config.get("password_reset_table")
+                ).create(
+                    {
+                        "email": email,
+                        "token": token,
+                        "expires_at": pendulum.now()
+                        .add(minutes=self.guard_config.get("password_reset_expiration"))
+                        .to_datetime_string()
+                        if self.guard_config.get("password_reset_expiration")
+                        else None,
+                        "created_at": pendulum.now().to_datetime_string(),
+                    }
+                )
+        except Exception:
+            return (None, None)
+
+        self.application.make("event").fire("auth.password_reset", email, token)
+        return auth, token
+
+    def reset_password(self, password, token):
+        """Logout the current authenticated user.
+
+        Returns:
+            self
+        """
+
+        reset_record = (
+            self.application.make("builder")
+            .new()
+            .table(self.guard_config.get("password_reset_table"))
+            .where("token", token)
+            .first()
+        )
+
+        if not reset_record:
+            return False
+
+        auth_config = self.get_config_options()
+        (
+            self.get_guard()
+            .set_options(auth_config)
+            .reset_password(reset_record.get("email"), password)
+        )
+
+        (
+            self.application.make("builder")
+            .new()
+            .table(self.guard_config.get("password_reset_table"))
+            .where("token", token)
+            .delete()
+        )
+
+        return True
+
+    @classmethod
+    def routes(self):
+        return [
+            Route.get("/login", "auth.LoginController@show").name("login"),
+            Route.get("/logout", "auth.LoginController@logout").name("logout"),
+            Route.get("/home", "auth.HomeController@show")
+            .name("auth.home")
+            .middleware("auth"),
+            Route.get("/register", "auth.RegisterController@show").name("register"),
+            Route.post("/register", "auth.RegisterController@store").name(
+                "register.store"
+            ),
+            Route.get("/password_reset", "auth.PasswordResetController@show").name(
+                "password_reset"
+            ),
+            Route.post("/password_reset", "auth.PasswordResetController@store").name(
+                "password_reset.store"
+            ),
+            Route.get(
+                "/change_password/@token",
+                "auth.PasswordResetController@change_password",
+            ).name("change_password"),
+            Route.post(
+                "/change_password/@token",
+                "auth.PasswordResetController@store_changed_password",
+            ).name("change_password.store"),
+            Route.post("/login", "auth.LoginController@store").name("login.store"),
+        ]

masonite/authentication/__init__.py

@@ -0,0 +1,2 @@
+from .Auth import Auth
+from .models.authenticates import Authenticates