panther 4.3.6__tar.gz → 5.0.0b1__tar.gz

{panther-4.3.6 → panther-5.0.0b1}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.4
 Name: panther
-Version: 4.3.6
+Version: 5.0.0b1
 Summary: Fast & Friendly, Web Framework For Building Async APIs
 Home-page: https://github.com/alirn76/panther
 Author: Ali RajabNezhad
@@ -14,25 +14,39 @@ Classifier: Programming Language :: Python :: 3.13
 Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: pantherdb~=2.1.1
-Requires-Dist: pydantic~=2.8.2
-Requires-Dist: rich~=13.7.1
-Requires-Dist: uvicorn~=0.27.1
-Requires-Dist: pytz~=2024.1
+Requires-Dist: pantherdb~=2.2.3
+Requires-Dist: orjson~=3.9.15
+Requires-Dist: pydantic~=2.10.6
+Requires-Dist: rich~=13.9.4
+Requires-Dist: uvicorn~=0.34.0
+Requires-Dist: pytz~=2025.2
 Requires-Dist: Jinja2~=3.1
-Requires-Dist: httptools~=0.6.1
+Requires-Dist: simple-ulid~=1.0.0
+Requires-Dist: httptools~=0.6.4
 Provides-Extra: full
-Requires-Dist: redis==5.0.1; extra == "full"
-Requires-Dist: motor~=3.5.0; extra == "full"
-Requires-Dist: bpython~=0.24; extra == "full"
-Requires-Dist: python-jose~=3.3.0; extra == "full"
-Requires-Dist: ruff~=0.1.9; extra == "full"
-Requires-Dist: websockets~=12.0; extra == "full"
-Requires-Dist: cryptography~=42.0.8; extra == "full"
-Requires-Dist: watchfiles~=0.21.0; extra == "full"
+Requires-Dist: redis==5.2.1; extra == "full"
+Requires-Dist: motor~=3.7.0; extra == "full"
+Requires-Dist: ipython~=9.0.2; extra == "full"
+Requires-Dist: python-jose~=3.4.0; extra == "full"
+Requires-Dist: ruff~=0.11.2; extra == "full"
+Requires-Dist: websockets~=15.0.1; extra == "full"
+Requires-Dist: cryptography~=44.0.2; extra == "full"
+Requires-Dist: watchfiles~=1.0.4; extra == "full"
 Provides-Extra: dev
-Requires-Dist: ruff~=0.1.9; extra == "dev"
-Requires-Dist: pytest~=8.3.3; extra == "dev"
+Requires-Dist: ruff~=0.11.2; extra == "dev"
+Requires-Dist: pytest~=8.3.5; extra == "dev"
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: license
+Dynamic: license-file
+Dynamic: provides-extra
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
 
 
 [![PyPI](https://img.shields.io/pypi/v/panther?label=PyPI)](https://pypi.org/project/panther/) [![PyVersion](https://img.shields.io/pypi/pyversions/panther.svg)](https://pypi.org/project/panther/) [![codecov](https://codecov.io/github/AliRn76/panther/graph/badge.svg?token=YWFQA43GSP)](https://codecov.io/github/AliRn76/panther) [![Downloads](https://static.pepy.tech/badge/panther/month)](https://pepy.tech/project/panther) [![license](https://img.shields.io/github/license/alirn76/panther.svg)](https://github.com/alirn76/panther/blob/main/LICENSE)

{panther-4.3.6 → panther-5.0.0b1}/panther/__init__.py

@@ -1,6 +1,6 @@
 from panther.main import Panther  # noqa: F401
 
-__version__ = '4.3.6'
+__version__ = '5.0.0beta1'
 
 
 def version():

{panther-4.3.6 → panther-5.0.0b1}/panther/_load_configs.py

@@ -16,7 +16,8 @@ from panther.db.queries.mongodb_queries import BaseMongoDBQuery
 from panther.db.queries.pantherdb_queries import BasePantherDBQuery
 from panther.exceptions import PantherError
 from panther.middlewares.base import WebsocketMiddleware, HTTPMiddleware
-from panther.panel.urls import urls as panel_urls
+from panther.middlewares.monitoring import MonitoringMiddleware, WebsocketMonitoringMiddleware
+from panther.panel.views import HomeView
 from panther.routings import finalize_urls, flatten_urls
 
 __all__ = (
@@ -27,7 +28,6 @@ __all__ = (
     'load_timezone',
     'load_database',
     'load_secret_key',
-    'load_monitoring',
     'load_throttling',
     'load_user_model',
     'load_log_queries',
@@ -36,8 +36,8 @@ __all__ = (
     'load_auto_reformat',
     'load_background_tasks',
     'load_default_cache_exp',
-    'load_authentication_class',
     'load_urls',
+    'load_authentication_class',
     'load_websocket_connections',
     'check_endpoints_inheritance',
 )
@@ -94,7 +94,15 @@ def load_templates_dir(_configs: dict, /) -> None:
     if config.TEMPLATES_DIR == '.':
         config.TEMPLATES_DIR = config.BASE_DIR
 
-    config.JINJA_ENVIRONMENT = jinja2.Environment(loader=jinja2.FileSystemLoader(config.TEMPLATES_DIR))
+    config.JINJA_ENVIRONMENT = jinja2.Environment(
+        loader=jinja2.ChoiceLoader(
+            loaders=(
+                jinja2.FileSystemLoader(searchpath=config.TEMPLATES_DIR),
+                jinja2.PackageLoader(package_name='panther', package_path='panel/templates/'),
+                jinja2.PackageLoader(package_name='panther', package_path='openapi/templates/'),
+            )
+        )
+    )
 
 
 def load_database(_configs: dict, /) -> None:
@@ -126,11 +134,6 @@ def load_secret_key(_configs: dict, /) -> None:
         config.SECRET_KEY = secret_key.encode()
 
 
-def load_monitoring(_configs: dict, /) -> None:
-    if _configs.get('MONITORING'):
-        config.MONITORING = True
-
-
 def load_throttling(_configs: dict, /) -> None:
     if throttling := _configs.get('THROTTLING'):
         config.THROTTLING = throttling
@@ -147,42 +150,45 @@ def load_log_queries(_configs: dict, /) -> None:
 
 
 def load_middlewares(_configs: dict, /) -> None:
-    from panther.middlewares import BaseMiddleware
-
     middlewares = {'http': [], 'ws': []}
 
     # Collect Middlewares
     for middleware in _configs.get('MIDDLEWARES') or []:
-        if not isinstance(middleware, list | tuple):
-            path_or_type = middleware
-            data = {}
-
-        elif len(middleware) == 1:
-            path_or_type = middleware[0]
-            data = {}
-
-        elif len(middleware) > 2:
-            raise _exception_handler(field='MIDDLEWARES', error=f'{middleware} too many arguments')
-
-        else:
-            path_or_type, data = middleware
-
-        if callable(path_or_type):
-            middleware_class = path_or_type
-        else:
+        # This block is for Backward Compatibility
+        if isinstance(middleware, list | tuple):
+            if len(middleware) == 1:
+                middleware = middleware[0]
+            elif len(middleware) == 2:
+                _deprecated_warning(
+                    field='MIDDLEWARES',
+                    message='`data` does not supported in middlewares anymore, as your data is static you may want '
+                            'to pass them to your middleware with config variables'
+                )
+                middleware = middleware[0]
+            else:
+                raise _exception_handler(
+                    field='MIDDLEWARES', error=f'{middleware} should be dotted path or type of a middleware class')
+
+        # `middleware` can be type or path of a class
+        if not callable(middleware):
             try:
-                middleware_class = import_class(path_or_type)
+                middleware = import_class(middleware)
             except (AttributeError, ModuleNotFoundError):
-                raise _exception_handler(field='MIDDLEWARES', error=f'{path_or_type} is not a valid middleware path')
+                raise _exception_handler(
+                    field='MIDDLEWARES', error=f'{middleware} is not a valid middleware path or type')
 
-        if issubclass(middleware_class, BaseMiddleware) is False:
-            raise _exception_handler(field='MIDDLEWARES', error='is not a sub class of BaseMiddleware')
+        if issubclass(middleware, (MonitoringMiddleware, WebsocketMonitoringMiddleware)):
+            config.MONITORING = True
 
-        if middleware_class.__bases__[0] in (BaseMiddleware, HTTPMiddleware):
-            middlewares['http'].append((middleware_class, data))
-
-        if middleware_class.__bases__[0] in (BaseMiddleware, WebsocketMiddleware):
-            middlewares['ws'].append((middleware_class, data))
+        if issubclass(middleware, HTTPMiddleware):
+            middlewares['http'].append(middleware)
+        elif issubclass(middleware, WebsocketMiddleware):
+            middlewares['ws'].append(middleware)
+        else:
+            raise _exception_handler(
+                field='MIDDLEWARES',
+                error='is not a sub class of `HTTPMiddleware` or `WebsocketMiddleware`'
+            )
 
     config.HTTP_MIDDLEWARES = middlewares['http']
     config.WS_MIDDLEWARES = middlewares['ws']
@@ -204,32 +210,6 @@ def load_default_cache_exp(_configs: dict, /) -> None:
         config.DEFAULT_CACHE_EXP = default_cache_exp
 
 
-def load_authentication_class(_configs: dict, /) -> None:
-    """Should be after `load_secret_key()`"""
-    if authentication := _configs.get('AUTHENTICATION'):
-        config.AUTHENTICATION = import_class(authentication)
-
-    if ws_authentication := _configs.get('WS_AUTHENTICATION'):
-        config.WS_AUTHENTICATION = import_class(ws_authentication)
-
-    load_jwt_config(_configs)
-
-
-def load_jwt_config(_configs: dict, /) -> None:
-    """Only Collect JWT Config If Authentication Is JWTAuthentication"""
-    auth_is_jwt = (
-            getattr(config.AUTHENTICATION, '__name__', None) == 'JWTAuthentication' or
-            getattr(config.WS_AUTHENTICATION, '__name__', None) == 'QueryParamJWTAuthentication'
-    )
-    jwt = _configs.get('JWTConfig', {})
-    if auth_is_jwt or jwt:
-        if 'key' not in jwt:
-            if config.SECRET_KEY is None:
-                raise _exception_handler(field='JWTConfig', error='`JWTConfig.key` or `SECRET_KEY` is required.')
-            jwt['key'] = config.SECRET_KEY.decode()
-        config.JWT_CONFIG = JWTConfig(**jwt)
-
-
 def load_urls(_configs: dict, /, urls: dict | None) -> None:
     """
     Return tuple of all urls (as a flat dict) and (as a nested dict)
@@ -261,7 +241,34 @@ def load_urls(_configs: dict, /, urls: dict | None) -> None:
 
     config.FLAT_URLS = flatten_urls(urls)
     config.URLS = finalize_urls(config.FLAT_URLS)
-    config.URLS['_panel'] = finalize_urls(flatten_urls(panel_urls))
+
+
+def load_authentication_class(_configs: dict, /) -> None:
+    """Should be after `load_secret_key()` and `load_urls()`"""
+    if authentication := _configs.get('AUTHENTICATION'):
+        config.AUTHENTICATION = import_class(authentication)
+
+    if ws_authentication := _configs.get('WS_AUTHENTICATION'):
+        config.WS_AUTHENTICATION = import_class(ws_authentication)
+
+    load_jwt_config(_configs)
+
+
+def load_jwt_config(_configs: dict, /) -> None:
+    """Only Collect JWT Config If Authentication Is JWTAuthentication"""
+    auth_is_jwt = (
+            getattr(config.AUTHENTICATION, '__name__', None) == 'JWTAuthentication' or
+            getattr(config.WS_AUTHENTICATION, '__name__', None) == 'QueryParamJWTAuthentication'
+    )
+    jwt = _configs.get('JWTConfig', {})
+
+    using_panel_views = HomeView in config.FLAT_URLS.values()
+    if auth_is_jwt or using_panel_views:
+        if 'key' not in jwt:
+            if config.SECRET_KEY is None:
+                raise _exception_handler(field='JWTConfig', error='`JWTConfig.key` or `SECRET_KEY` is required.')
+            jwt['key'] = config.SECRET_KEY.decode()
+        config.JWT_CONFIG = JWTConfig(**jwt)
 
 
 def load_websocket_connections():
@@ -281,6 +288,9 @@ def load_websocket_connections():
 def check_endpoints_inheritance():
     """Should be after `load_urls()`"""
     for _, endpoint in config.FLAT_URLS.items():
+        if endpoint == {}:
+            continue
+
         if isinstance(endpoint, types.FunctionType):
             check_function_type_endpoint(endpoint=endpoint)
         else:
@@ -289,3 +299,7 @@ def check_endpoints_inheritance():
 
 def _exception_handler(field: str, error: str | Exception) -> PantherError:
     return PantherError(f"Invalid '{field}': {error}")
+
+
+def _deprecated_warning(field: str, message: str):
+    return logger.warning(f"DEPRECATED '{field}': {message}")

{panther-4.3.6 → panther-5.0.0b1}/panther/_utils.py

@@ -10,7 +10,6 @@ from typing import Any, Generator, Iterator, AsyncGenerator
 
 from panther.exceptions import PantherError
 from panther.file_handler import File
-from panther.websocket import GenericWebsocket
 
 logger = logging.getLogger('panther')
 
@@ -49,7 +48,7 @@ def read_multipart_form_data(boundary: str, body: bytes) -> dict:
         if row in (b'', b'--'):
             continue
 
-        if match := re.match(pattern=field_pattern, string=row):
+        if match := re.match(pattern=field_pattern, string=row, flags=re.DOTALL):
             _, field_name, _, value = match.groups()
             data[field_name.decode('utf-8')] = value.decode('utf-8')
 
@@ -100,6 +99,7 @@ def check_function_type_endpoint(endpoint: types.FunctionType) -> Callable:
 
 def check_class_type_endpoint(endpoint: Callable) -> Callable:
     from panther.app import GenericAPI
+    from panther.websocket import GenericWebsocket
 
     if not issubclass(endpoint, (GenericAPI, GenericWebsocket)):
         raise PantherError(

panther-5.0.0b1/panther/app.py

@@ -0,0 +1,289 @@
+import functools
+import logging
+import traceback
+import typing
+from datetime import timedelta
+from typing import Literal, Callable
+
+from orjson import JSONDecodeError
+from pydantic import ValidationError, BaseModel
+
+from panther._utils import is_function_async
+from panther.caching import (
+    get_response_from_cache,
+    set_response_in_cache,
+    get_throttling_from_cache,
+    increment_throttling_in_cache
+)
+from panther.configs import config
+from panther.exceptions import (
+    APIError,
+    AuthorizationAPIError,
+    JSONDecodeAPIError,
+    MethodNotAllowedAPIError,
+    ThrottlingAPIError,
+    BadRequestAPIError
+)
+from panther.exceptions import PantherError
+from panther.middlewares import HTTPMiddleware
+from panther.openapi import OutputSchema
+from panther.permissions import BasePermission
+from panther.request import Request
+from panther.response import Response
+from panther.serializer import ModelSerializer
+from panther.throttling import Throttling
+
+__all__ = ('API', 'GenericAPI')
+
+logger = logging.getLogger('panther')
+
+
+class API:
+    """
+    input_model: The `request.data` will be validated with this attribute, It will raise an
+        `panther.exceptions.BadRequestAPIError` or put the validated data in the `request.validated_data`.
+    output_schema: This attribute only used in creation of OpenAPI scheme which is available in `panther.openapi.urls`
+        You may want to add its `url` to your urls.
+    auth: It will authenticate the user with header of its request or raise an
+        `panther.exceptions.AuthenticationAPIError`.
+    permissions: List of permissions that will be called sequentially after authentication to authorize the user.
+    throttling: It will limit the users' request on a specific (time-bucket, path)
+    cache: Response of the request will be cached.
+    cache_exp_time: Specify the expiry time of the cache. (default is `config.DEFAULT_CACHE_EXP`)
+    methods: Specify the allowed methods.
+    middlewares: These middlewares have inner priority than global middlewares.
+    """
+    func: Callable
+
+    def __init__(
+        self,
+        *,
+        methods: list[Literal['GET', 'POST', 'PUT', 'PATCH', 'DELETE']] | None = None,
+        input_model: type[ModelSerializer] | type[BaseModel] | None = None,
+        output_model: type[BaseModel] | None = None,
+        output_schema: OutputSchema | None = None,
+        auth: bool = False,
+        permissions: list[BasePermission] | None = None,
+        throttling: Throttling | None = None,
+        cache: bool = False,
+        cache_exp_time: timedelta | int | None = None,
+        middlewares: list[HTTPMiddleware] | None = None,
+    ):
+        self.methods = {m.upper() for m in methods} if methods else None
+        self.input_model = input_model
+        self.output_schema = output_schema
+        self.auth = auth
+        self.permissions = permissions or []
+        self.throttling = throttling
+        self.cache = cache
+        self.cache_exp_time = cache_exp_time
+        self.middlewares: list[HTTPMiddleware] | None = middlewares
+        self.request: Request | None = None
+        if output_model:
+            deprecation_message = (
+                    traceback.format_stack(limit=2)[0] +
+                    '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
+                    '\nPlease update your code to use the new approach. More info: '
+                    'https://pantherpy.github.io/open_api/'
+            )
+            raise PantherError(deprecation_message)
+
+    def __call__(self, func):
+        self.func = func
+
+        @functools.wraps(func)
+        async def wrapper(request: Request) -> Response:
+            chained_func = self.handle_endpoint
+            if self.middlewares:
+                for middleware in reversed(self.middlewares):
+                    chained_func = middleware(chained_func)
+            return await chained_func(request=request)
+
+        # Store attributes on the function, so have the same behaviour as class-based (useful in `openapi.view.OpenAPI`)
+        wrapper.auth = self.auth
+        wrapper.methods = self.methods
+        wrapper.permissions = self.permissions
+        wrapper.input_model = self.input_model
+        wrapper.output_schema = self.output_schema
+        return wrapper
+
+    async def handle_endpoint(self, request: Request) -> Response:
+        self.request = request
+
+        # 0. Preflight
+        if self.request.method == 'OPTIONS':
+            return self.options()
+
+        # 1. Check Method
+        if self.methods and self.request.method not in self.methods:
+            raise MethodNotAllowedAPIError
+
+        # 2. Authentication
+        await self.handle_authentication()
+
+        # 3. Permissions
+        await self.handle_permission()
+
+        # 4. Throttling
+        await self.handle_throttling()
+
+        # 5. Validate Input
+        if self.request.method in {'POST', 'PUT', 'PATCH'}:
+            self.handle_input_validation()
+
+        # 6. Get Cached Response
+        if self.cache and self.request.method == 'GET':
+            if cached := await get_response_from_cache(request=self.request, cache_exp_time=self.cache_exp_time):
+                return Response(data=cached.data, headers=cached.headers, status_code=cached.status_code)
+
+        # 7. Put PathVariables and Request(If User Wants It) In kwargs
+        kwargs = self.request.clean_parameters(self.func)
+
+        # 8. Call Endpoint
+        if is_function_async(self.func):
+            response = await self.func(**kwargs)
+        else:
+            response = self.func(**kwargs)
+
+        # 9. Clean Response
+        if not isinstance(response, Response):
+            response = Response(data=response)
+        if response.pagination:
+            response.data = await response.pagination.template(response.data)
+
+        # 10. Set New Response To Cache
+        if self.cache and self.request.method == 'GET':
+            await set_response_in_cache(request=self.request, response=response, cache_exp_time=self.cache_exp_time)
+
+        # 11. Warning CacheExpTime
+        if self.cache_exp_time and self.cache is False:
+            logger.warning('"cache_exp_time" won\'t work while "cache" is False')
+
+        return response
+
+    async def handle_authentication(self) -> None:
+        if self.auth:
+            if not config.AUTHENTICATION:
+                logger.critical('"AUTHENTICATION" has not been set in configs')
+                raise APIError
+            self.request.user = await config.AUTHENTICATION.authentication(self.request)
+
+    async def handle_throttling(self) -> None:
+        if throttling := self.throttling or config.THROTTLING:
+            if await get_throttling_from_cache(self.request, duration=throttling.duration) + 1 > throttling.rate:
+                raise ThrottlingAPIError
+
+            await increment_throttling_in_cache(self.request, duration=throttling.duration)
+
+    async def handle_permission(self) -> None:
+        for perm in self.permissions:
+            if type(perm.authorization).__name__ != 'method':
+                logger.error(f'{perm.__name__}.authorization should be "classmethod"')
+                raise AuthorizationAPIError
+            if await perm.authorization(self.request) is False:
+                raise AuthorizationAPIError
+
+    def handle_input_validation(self):
+        if self.input_model:
+            self.request.validated_data = self.validate_input(model=self.input_model, request=self.request)
+
+    @classmethod
+    def options(cls):
+        headers = {
+            'Access-Control-Allow-Methods': 'DELETE, GET, PATCH, POST, PUT, OPTIONS, HEAD',
+            'Access-Control-Allow-Headers': 'Accept, Authorization, User-Agent, Content-Type',
+        }
+        return Response(headers=headers)
+
+    @classmethod
+    def validate_input(cls, model, request: Request):
+        if isinstance(request.data, bytes):
+            raise BadRequestAPIError(detail='Content-Type is not valid')
+        if request.data is None:
+            raise BadRequestAPIError(detail='Request body is required')
+        try:
+            # `request` will be ignored in regular `BaseModel`
+            return model(**request.data, request=request)
+        except ValidationError as validation_error:
+            error = {'.'.join(str(loc) for loc in e['loc']): e['msg'] for e in validation_error.errors()}
+            raise BadRequestAPIError(detail=error)
+        except JSONDecodeError:
+            raise JSONDecodeAPIError
+
+
+class MetaGenericAPI(type):
+    def __new__(
+            cls,
+            cls_name: str,
+            bases: tuple[type[typing.Any], ...],
+            namespace: dict[str, typing.Any],
+            **kwargs
+    ):
+        if cls_name == 'GenericAPI':
+            return super().__new__(cls, cls_name, bases, namespace)
+        if 'output_model' in namespace:
+            deprecation_message = (
+                    traceback.format_stack(limit=2)[0] +
+                    '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
+                    '\nPlease update your code to use the new approach. More info: '
+                    'https://pantherpy.github.io/open_api/'
+            )
+            raise PantherError(deprecation_message)
+        return super().__new__(cls, cls_name, bases, namespace)
+
+
+class GenericAPI(metaclass=MetaGenericAPI):
+    """
+    Check out the documentation of `panther.app.API()`.
+    """
+    input_model: type[ModelSerializer] | type[BaseModel] | None = None
+    output_schema: OutputSchema | None = None
+    auth: bool = False
+    permissions: list | None = None
+    throttling: Throttling | None = None
+    cache: bool = False
+    cache_exp_time: timedelta | int | None = None
+    middlewares: list[HTTPMiddleware] | None = None
+
+    async def get(self, *args, **kwargs):
+        raise MethodNotAllowedAPIError
+
+    async def post(self, *args, **kwargs):
+        raise MethodNotAllowedAPIError
+
+    async def put(self, *args, **kwargs):
+        raise MethodNotAllowedAPIError
+
+    async def patch(self, *args, **kwargs):
+        raise MethodNotAllowedAPIError
+
+    async def delete(self, *args, **kwargs):
+        raise MethodNotAllowedAPIError
+
+    async def call_method(self, request: Request):
+        match request.method:
+            case 'GET':
+                func = self.get
+            case 'POST':
+                func = self.post
+            case 'PUT':
+                func = self.put
+            case 'PATCH':
+                func = self.patch
+            case 'DELETE':
+                func = self.delete
+            case 'OPTIONS':
+                func = API.options
+            case _:
+                raise MethodNotAllowedAPIError
+
+        return await API(
+            input_model=self.input_model,
+            output_schema=self.output_schema,
+            auth=self.auth,
+            permissions=self.permissions,
+            throttling=self.throttling,
+            cache=self.cache,
+            cache_exp_time=self.cache_exp_time,
+            middlewares=self.middlewares,
+        )(func)(request=request)

{panther-4.3.6 → panther-5.0.0b1}/panther/authentications.py

@@ -29,9 +29,9 @@ class BaseAuthentication:
         msg = f'{cls.__name__}.authentication() is not implemented.'
         raise cls.exception(msg) from None
 
-    @staticmethod
-    def exception(message: str, /) -> type[AuthenticationAPIError]:
-        logger.error(f'Authentication Error: "{message}"')
+    @classmethod
+    def exception(cls, message: str | Exception, /) -> type[AuthenticationAPIError]:
+        logger.error(f'{cls.__name__} Error: "{message}"')
         return AuthenticationAPIError
 
 
@@ -151,16 +151,33 @@ class JWTAuthentication(BaseAuthentication):
         key = generate_hash_value_from_string(token)
         return bool(await redis.exists(key))
 
-    @staticmethod
-    def exception(message: str | JWTError | UnicodeEncodeError, /) -> type[AuthenticationAPIError]:
-        logger.error(f'JWT Authentication Error: "{message}"')
-        return AuthenticationAPIError
-
 
 class QueryParamJWTAuthentication(JWTAuthentication):
     @classmethod
     def get_authorization_header(cls, request: Request | Websocket) -> str:
         if auth := request.query_params.get('authorization'):
             return auth
-        msg = 'Authorization is required'
+        msg = '`authorization` query param not found.'
+        raise cls.exception(msg) from None
+
+
+class CookieJWTAuthentication(JWTAuthentication):
+    @classmethod
+    def get_authorization_header(cls, request: Request | Websocket) -> str:
+        if token := request.headers.get_cookies().get('access_token'):
+            return token
+        msg = '`access_token` Cookie not found.'
         raise cls.exception(msg) from None
+
+    @classmethod
+    async def authentication(cls, request: Request | Websocket) -> Model:
+        token = cls.get_authorization_header(request)
+
+        if redis.is_connected and await cls._check_in_cache(token=token):
+            msg = 'User logged out'
+            raise cls.exception(msg) from None
+
+        payload = cls.decode_jwt(token)
+        user = await cls.get_user(payload)
+        user._auth_token = token
+        return user