panther 5.0.0b2__py3-none-any.whl → 5.0.0b4__py3-none-any.whl

panther/__init__.py

@@ -1,6 +1,6 @@
 from panther.main import Panther  # noqa: F401
 
-__version__ = '5.0.0beta2'
+__version__ = '5.0.0beta4'
 
 
 def version():

panther/_load_configs.py

@@ -6,8 +6,8 @@ from multiprocessing import Manager
 
 import jinja2
 
-from panther._utils import import_class, check_function_type_endpoint, check_class_type_endpoint
-from panther.background_tasks import background_tasks
+from panther._utils import check_class_type_endpoint, check_function_type_endpoint, import_class
+from panther.background_tasks import _background_tasks
 from panther.base_websocket import WebsocketConnections
 from panther.cli.utils import import_error
 from panther.configs import JWTConfig, config
@@ -15,34 +15,35 @@ from panther.db.connections import redis
 from panther.db.queries.mongodb_queries import BaseMongoDBQuery
 from panther.db.queries.pantherdb_queries import BasePantherDBQuery
 from panther.exceptions import PantherError
-from panther.middlewares.base import WebsocketMiddleware, HTTPMiddleware
+from panther.middlewares.base import HTTPMiddleware, WebsocketMiddleware
 from panther.middlewares.monitoring import MonitoringMiddleware, WebsocketMonitoringMiddleware
 from panther.panel.views import HomeView
 from panther.routings import finalize_urls, flatten_urls
 
 __all__ = (
+    'check_endpoints_inheritance',
+    'load_authentication_class',
+    'load_auto_reformat',
+    'load_background_tasks',
     'load_configs_module',
-    'load_redis',
-    'load_startup',
-    'load_shutdown',
-    'load_timezone',
     'load_database',
-    'load_secret_key',
-    'load_throttling',
-    'load_user_model',
     'load_log_queries',
     'load_middlewares',
+    'load_other_configs',
+    'load_redis',
+    'load_secret_key',
+    'load_shutdown',
+    'load_startup',
     'load_templates_dir',
-    'load_auto_reformat',
-    'load_background_tasks',
-    'load_default_cache_exp',
+    'load_throttling',
+    'load_timezone',
     'load_urls',
-    'load_authentication_class',
+    'load_user_model',
     'load_websocket_connections',
-    'check_endpoints_inheritance',
 )
 
 logger = logging.getLogger('panther')
+monitoring_logger = logging.getLogger('monitoring')
 
 
 def load_configs_module(module_name: str, /) -> dict:
@@ -88,7 +89,7 @@ def load_timezone(_configs: dict, /) -> None:
 
 
 def load_templates_dir(_configs: dict, /) -> None:
-    if templates_dir := _configs.get('TEMPLATES_DIR'):
+    if templates_dir := _configs.get('TEMPLATES_DIR', '.'):
         config.TEMPLATES_DIR = templates_dir
 
     if config.TEMPLATES_DIR == '.':
@@ -100,8 +101,8 @@ def load_templates_dir(_configs: dict, /) -> None:
                 jinja2.FileSystemLoader(searchpath=config.TEMPLATES_DIR),
                 jinja2.PackageLoader(package_name='panther', package_path='panel/templates/'),
                 jinja2.PackageLoader(package_name='panther', package_path='openapi/templates/'),
-            )
-        )
+            ),
+        ),
     )
 
 
@@ -109,7 +110,7 @@ def load_database(_configs: dict, /) -> None:
     database_config = _configs.get('DATABASE', {})
     if 'engine' in database_config:
         if 'class' not in database_config['engine']:
-            raise _exception_handler(field='DATABASE', error=f'`engine["class"]` not found.')
+            raise _exception_handler(field='DATABASE', error='`engine["class"]` not found.')
 
         engine_class_path = database_config['engine']['class']
         engine_class = import_class(engine_class_path)
@@ -131,7 +132,7 @@ def load_database(_configs: dict, /) -> None:
 
 def load_secret_key(_configs: dict, /) -> None:
     if secret_key := _configs.get('SECRET_KEY'):
-        config.SECRET_KEY = secret_key.encode()
+        config.SECRET_KEY = secret_key
 
 
 def load_throttling(_configs: dict, /) -> None:
@@ -141,7 +142,8 @@ def load_throttling(_configs: dict, /) -> None:
 
 def load_user_model(_configs: dict, /) -> None:
     config.USER_MODEL = import_class(_configs.get('USER_MODEL', 'panther.db.models.BaseUser'))
-    config.MODELS.append(config.USER_MODEL)
+    if config.USER_MODEL not in config.MODELS:
+        config.MODELS.append(config.USER_MODEL)
 
 
 def load_log_queries(_configs: dict, /) -> None:
@@ -162,12 +164,14 @@ def load_middlewares(_configs: dict, /) -> None:
                 _deprecated_warning(
                     field='MIDDLEWARES',
                     message='`data` does not supported in middlewares anymore, as your data is static you may want '
-                            'to pass them to your middleware with config variables'
+                    'to pass them to your middleware with config variables',
                 )
                 middleware = middleware[0]
             else:
                 raise _exception_handler(
-                    field='MIDDLEWARES', error=f'{middleware} should be dotted path or type of a middleware class')
+                    field='MIDDLEWARES',
+                    error=f'{middleware} should be dotted path or type of a middleware class',
+                )
 
         # `middleware` can be type or path of a class
         if not callable(middleware):
@@ -175,9 +179,12 @@ def load_middlewares(_configs: dict, /) -> None:
                 middleware = import_class(middleware)
             except (AttributeError, ModuleNotFoundError):
                 raise _exception_handler(
-                    field='MIDDLEWARES', error=f'{middleware} is not a valid middleware path or type')
+                    field='MIDDLEWARES',
+                    error=f'{middleware} is not a valid middleware path or type',
+                )
 
         if issubclass(middleware, (MonitoringMiddleware, WebsocketMonitoringMiddleware)):
+            monitoring_logger.debug('')  # Initiated
             config.MONITORING = True
 
         if issubclass(middleware, HTTPMiddleware):
@@ -187,7 +194,7 @@ def load_middlewares(_configs: dict, /) -> None:
         else:
             raise _exception_handler(
                 field='MIDDLEWARES',
-                error='is not a sub class of `HTTPMiddleware` or `WebsocketMiddleware`'
+                error='is not a sub class of `HTTPMiddleware` or `WebsocketMiddleware`',
             )
 
     config.HTTP_MIDDLEWARES = middlewares['http']
@@ -202,12 +209,14 @@ def load_auto_reformat(_configs: dict, /) -> None:
 def load_background_tasks(_configs: dict, /) -> None:
     if _configs.get('BACKGROUND_TASKS'):
         config.BACKGROUND_TASKS = True
-        background_tasks.initialize()
+        _background_tasks.initialize()
 
 
-def load_default_cache_exp(_configs: dict, /) -> None:
-    if default_cache_exp := _configs.get('DEFAULT_CACHE_EXP'):
-        config.DEFAULT_CACHE_EXP = default_cache_exp
+def load_other_configs(_configs: dict, /) -> None:
+    known_configs = set(config.__dataclass_fields__)
+    for key, value in _configs.items():
+        if key.isupper() and key not in known_configs:
+            config[key] = value
 
 
 def load_urls(_configs: dict, /, urls: dict | None) -> None:
@@ -222,7 +231,7 @@ def load_urls(_configs: dict, /, urls: dict | None) -> None:
 
     elif isinstance(url_routing, dict):
         error = (
-            "can't be 'dict', you may want to pass it's value directly to Panther(). " 'Example: Panther(..., urls=...)'
+            "can't be 'dict', you may want to pass it's value directly to Panther(). Example: Panther(..., urls=...)"
         )
         raise _exception_handler(field='URLs', error=error)
 
@@ -256,18 +265,18 @@ def load_authentication_class(_configs: dict, /) -> None:
 
 def load_jwt_config(_configs: dict, /) -> None:
     """Only Collect JWT Config If Authentication Is JWTAuthentication"""
-    auth_is_jwt = (
-            getattr(config.AUTHENTICATION, '__name__', None) == 'JWTAuthentication' or
-            getattr(config.WS_AUTHENTICATION, '__name__', None) == 'QueryParamJWTAuthentication'
-    )
-    jwt = _configs.get('JWTConfig', {})
+    from panther.authentications import JWTAuthentication
 
+    auth_is_jwt = (config.AUTHENTICATION and issubclass(config.AUTHENTICATION, JWTAuthentication)) or (
+        config.WS_AUTHENTICATION and issubclass(config.WS_AUTHENTICATION, JWTAuthentication)
+    )
+    jwt = _configs.get('JWT_CONFIG', {})
     using_panel_views = HomeView in config.FLAT_URLS.values()
     if auth_is_jwt or using_panel_views:
         if 'key' not in jwt:
             if config.SECRET_KEY is None:
                 raise _exception_handler(field='JWTConfig', error='`JWTConfig.key` or `SECRET_KEY` is required.')
-            jwt['key'] = config.SECRET_KEY.decode()
+            jwt['key'] = config.SECRET_KEY
         config.JWT_CONFIG = JWTConfig(**jwt)
 
 
@@ -287,7 +296,7 @@ def load_websocket_connections():
 
 def check_endpoints_inheritance():
     """Should be after `load_urls()`"""
-    for _, endpoint in config.FLAT_URLS.items():
+    for endpoint in config.FLAT_URLS.values():
         if endpoint == {}:
             continue
 

panther/_utils.py

@@ -4,9 +4,9 @@ import logging
 import re
 import subprocess
 import types
-from collections.abc import Callable
+from collections.abc import AsyncGenerator, Callable, Generator, Iterator
 from traceback import TracebackException
-from typing import Any, Generator, Iterator, AsyncGenerator
+from typing import Any
 
 from panther.exceptions import PantherError
 from panther.file_handler import File
@@ -20,51 +20,65 @@ def import_class(dotted_path: str, /) -> type[Any]:
     -------
         Input: panther.db.models.User
         Output: User (The Class)
+
     """
     path, name = dotted_path.rsplit('.', 1)
     module = importlib.import_module(path)
     return getattr(module, name)
 
 
+NEWLINE_CRLF = b'\r\n'  # Windows-style
+NEWLINE_LF = b'\n'  # Unix/Linux-style
+
+# Regex patterns for CRLF (Windows)
+FIELD_PATTERN_CRLF = re.compile(rb'Content-Disposition: form-data; name="(.*)"\r\n\r\n(.*)', flags=re.DOTALL)
+FILE_PATTERN_CRLF = re.compile(rb'Content-Disposition: form-data; name="(.*)"; filename="(.*)"\r\nContent-Type: (.*)')
+
+# Regex patterns for LF (Linux)
+FIELD_PATTERN_LF = re.compile(rb'Content-Disposition: form-data; name="(.*)"\n\n(.*)', flags=re.DOTALL)
+FILE_PATTERN_LF = re.compile(rb'Content-Disposition: form-data; name="(.*)"; filename="(.*)"\nContent-Type: (.*)')
+
+
 def read_multipart_form_data(boundary: str, body: bytes) -> dict:
-    boundary = b'--' + boundary.encode()
-    new_line = b'\r\n' if body[-2:] == b'\r\n' else b'\n'
-
-    field_pattern = (
-            rb'(Content-Disposition: form-data; name=")(.*)("'
-            + 2 * new_line
-            + b')(.*)'
-    )
-    file_pattern = (
-            rb'(Content-Disposition: form-data; name=")(.*)("; filename=")(.*)("'
-            + new_line
-            + b'Content-Type: )(.*)'
-    )
+    boundary_bytes = b'--' + boundary.encode()
+
+    # Choose newline type and corresponding patterns
+    if body.endswith(NEWLINE_CRLF):
+        newline = NEWLINE_CRLF
+        field_pattern = FIELD_PATTERN_CRLF
+        file_pattern = FILE_PATTERN_CRLF
+    else:
+        newline = NEWLINE_LF
+        field_pattern = FIELD_PATTERN_LF
+        file_pattern = FILE_PATTERN_LF
 
     data = {}
-    for _row in body.split(boundary):
-        row = _row.removeprefix(new_line).removesuffix(new_line)
+    for part in body.split(boundary_bytes):
+        part = part.removeprefix(newline).removesuffix(newline)
 
-        if row in (b'', b'--'):
+        if part in (b'', b'--'):
             continue
 
-        if match := re.match(pattern=field_pattern, string=row, flags=re.DOTALL):
-            _, field_name, _, value = match.groups()
+        if match := field_pattern.match(string=part):
+            field_name, value = match.groups()
             data[field_name.decode('utf-8')] = value.decode('utf-8')
+            continue
 
+        try:
+            headers, file_content = part.split(2 * newline, 1)
+        except ValueError:
+            logger.error('Malformed part, skipping.')
+            continue
+
+        if match := file_pattern.match(string=headers):
+            field_name, file_name, content_type = match.groups()
+            data[field_name.decode('utf-8')] = File(
+                file_name=file_name.decode('utf-8'),
+                content_type=content_type.decode('utf-8'),
+                file=file_content,
+            )
         else:
-            file_meta_data, value = row.split(2 * new_line, 1)
-
-            if match := re.match(pattern=file_pattern, string=file_meta_data):
-                _, field_name, _, file_name, _, content_type = match.groups()
-                file = File(
-                    file_name=file_name.decode('utf-8'),
-                    content_type=content_type.decode('utf-8'),
-                    file=value,
-                )
-                data[field_name.decode('utf-8')] = file
-            else:
-                logger.error('Unrecognized Pattern')
+            logger.error('Unrecognized multipart format')
 
     return data
 
@@ -94,7 +108,8 @@ def check_function_type_endpoint(endpoint: types.FunctionType) -> Callable:
     # Function Doesn't Have @API Decorator
     if not hasattr(endpoint, '__wrapped__'):
         raise PantherError(
-            f'You may have forgotten to use `@API()` on the `{endpoint.__module__}.{endpoint.__name__}()`')
+            f'You may have forgotten to use `@API()` on the `{endpoint.__module__}.{endpoint.__name__}()`',
+        )
 
 
 def check_class_type_endpoint(endpoint: Callable) -> Callable:
@@ -104,7 +119,7 @@ def check_class_type_endpoint(endpoint: Callable) -> Callable:
     if not issubclass(endpoint, (GenericAPI, GenericWebsocket)):
         raise PantherError(
             f'You may have forgotten to inherit from `panther.app.GenericAPI` or `panther.app.GenericWebsocket` '
-            f'on the `{endpoint.__module__}.{endpoint.__name__}()`'
+            f'on the `{endpoint.__module__}.{endpoint.__name__}()`',
         )
 
 

panther/app.py

@@ -2,36 +2,35 @@ import functools
 import logging
 import traceback
 import typing
+from collections.abc import Callable
 from datetime import timedelta
-from typing import Literal, Callable
+from typing import Literal
 
 from orjson import JSONDecodeError
-from pydantic import ValidationError, BaseModel
+from pydantic import BaseModel, ValidationError
 
 from panther._utils import is_function_async
+from panther.base_request import BaseRequest
 from panther.caching import (
     get_response_from_cache,
     set_response_in_cache,
-    get_throttling_from_cache,
-    increment_throttling_in_cache
 )
 from panther.configs import config
 from panther.exceptions import (
     APIError,
     AuthorizationAPIError,
+    BadRequestAPIError,
     JSONDecodeAPIError,
     MethodNotAllowedAPIError,
-    ThrottlingAPIError,
-    BadRequestAPIError
+    PantherError,
 )
-from panther.exceptions import PantherError
 from panther.middlewares import HTTPMiddleware
 from panther.openapi import OutputSchema
 from panther.permissions import BasePermission
 from panther.request import Request
 from panther.response import Response
 from panther.serializer import ModelSerializer
-from panther.throttling import Throttling
+from panther.throttling import Throttle
 
 __all__ = ('API', 'GenericAPI')
 
@@ -40,6 +39,7 @@ logger = logging.getLogger('panther')
 
 class API:
     """
+    methods: Specify the allowed methods.
     input_model: The `request.data` will be validated with this attribute, It will raise an
         `panther.exceptions.BadRequestAPIError` or put the validated data in the `request.validated_data`.
     output_schema: This attribute only used in creation of OpenAPI scheme which is available in `panther.openapi.urls`
@@ -47,12 +47,11 @@ class API:
     auth: It will authenticate the user with header of its request or raise an
         `panther.exceptions.AuthenticationAPIError`.
     permissions: List of permissions that will be called sequentially after authentication to authorize the user.
-    throttling: It will limit the users' request on a specific (time-bucket, path)
-    cache: Response of the request will be cached.
-    cache_exp_time: Specify the expiry time of the cache. (default is `config.DEFAULT_CACHE_EXP`)
-    methods: Specify the allowed methods.
+    throttling: It will limit the users' request on a specific (time-window, path)
+    cache: Specify the duration of the cache (Will be used only in GET requests).
     middlewares: These middlewares have inner priority than global middlewares.
     """
+
     func: Callable
 
     def __init__(
@@ -60,36 +59,68 @@ class API:
         *,
         methods: list[Literal['GET', 'POST', 'PUT', 'PATCH', 'DELETE']] | None = None,
         input_model: type[ModelSerializer] | type[BaseModel] | None = None,
-        output_model: type[BaseModel] | None = None,
         output_schema: OutputSchema | None = None,
         auth: bool = False,
-        permissions: list[BasePermission] | None = None,
-        throttling: Throttling | None = None,
-        cache: bool = False,
-        cache_exp_time: timedelta | int | None = None,
-        middlewares: list[HTTPMiddleware] | None = None,
+        permissions: list[type[BasePermission]] | None = None,
+        throttling: Throttle | None = None,
+        cache: timedelta | None = None,
+        middlewares: list[type[HTTPMiddleware]] | None = None,
+        **kwargs,
     ):
-        self.methods = {m.upper() for m in methods} if methods else None
+        self.methods = {m.upper() for m in methods} if methods else {'GET', 'POST', 'PUT', 'PATCH', 'DELETE'}
         self.input_model = input_model
         self.output_schema = output_schema
         self.auth = auth
         self.permissions = permissions or []
         self.throttling = throttling
         self.cache = cache
-        self.cache_exp_time = cache_exp_time
-        self.middlewares: list[HTTPMiddleware] | None = middlewares
+        self.middlewares: list[[HTTPMiddleware]] | None = middlewares
         self.request: Request | None = None
-        if output_model:
+        if kwargs.pop('output_model', None):
+            deprecation_message = (
+                traceback.format_stack(limit=2)[0]
+                + '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
+                '\nPlease update your code to use the new approach. More info: '
+                'https://pantherpy.github.io/open_api/'
+            )
+            raise PantherError(deprecation_message)
+        if kwargs.pop('cache_exp_time', None):
             deprecation_message = (
-                    traceback.format_stack(limit=2)[0] +
-                    '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
-                    '\nPlease update your code to use the new approach. More info: '
-                    'https://pantherpy.github.io/open_api/'
+                traceback.format_stack(limit=2)[0]
+                + '\nThe `cache_exp_time` argument has been removed in Panther v5 and is no longer available.'
+                '\nYou may want to use `cache` instead.'
             )
             raise PantherError(deprecation_message)
+        # Validate Cache
+        if self.cache and not isinstance(self.cache, timedelta):
+            deprecation_message = (
+                traceback.format_stack(limit=2)[0] + '\nThe `cache` argument has been changed in Panther v5, '
+                'it should be an instance of `datetime.timedelta()`.'
+            )
+            raise PantherError(deprecation_message)
+        assert self.cache is None or isinstance(self.cache, timedelta)
+        # Validate Permissions
+        for perm in self.permissions:
+            if is_function_async(perm.authorization) is False:
+                msg = f'{perm.__name__}.authorization() should be `async`'
+                logger.error(msg)
+                raise PantherError(msg)
+            if type(perm.authorization).__name__ != 'method':
+                msg = f'{perm.__name__}.authorization() should be `@classmethod`'
+                logger.error(msg)
+                raise PantherError(msg)
+        # Check kwargs
+        if kwargs:
+            msg = f'Unknown kwargs: {kwargs.keys()}'
+            logger.error(msg)
+            raise PantherError(msg)
 
     def __call__(self, func):
         self.func = func
+        self.is_function_async = is_function_async(self.func)
+        self.function_annotations = {
+            k: v for k, v in func.__annotations__.items() if v in {BaseRequest, Request, bool, int}
+        }
 
         @functools.wraps(func)
         async def wrapper(request: Request) -> Response:
@@ -110,37 +141,40 @@ class API:
     async def handle_endpoint(self, request: Request) -> Response:
         self.request = request
 
-        # 0. Preflight
-        if self.request.method == 'OPTIONS':
-            return self.options()
-
         # 1. Check Method
-        if self.methods and self.request.method not in self.methods:
+        if self.request.method not in self.methods:
             raise MethodNotAllowedAPIError
 
         # 2. Authentication
-        await self.handle_authentication()
+        if self.auth:
+            if not config.AUTHENTICATION:
+                logger.critical('"AUTHENTICATION" has not been set in configs')
+                raise APIError
+            self.request.user = await config.AUTHENTICATION.authentication(self.request)
 
         # 3. Permissions
-        await self.handle_permission()
+        for perm in self.permissions:
+            if await perm.authorization(self.request) is False:
+                raise AuthorizationAPIError
 
-        # 4. Throttling
-        await self.handle_throttling()
+        # 4. Throttle
+        if throttling := self.throttling or config.THROTTLING:
+            await throttling.check_and_increment(request=self.request)
 
         # 5. Validate Input
-        if self.request.method in {'POST', 'PUT', 'PATCH'}:
-            self.handle_input_validation()
+        if self.input_model and self.request.method in {'POST', 'PUT', 'PATCH'}:
+            self.request.validated_data = self.validate_input(model=self.input_model, request=self.request)
 
         # 6. Get Cached Response
         if self.cache and self.request.method == 'GET':
-            if cached := await get_response_from_cache(request=self.request, cache_exp_time=self.cache_exp_time):
+            if cached := await get_response_from_cache(request=self.request, duration=self.cache):
                 return Response(data=cached.data, headers=cached.headers, status_code=cached.status_code)
 
         # 7. Put PathVariables and Request(If User Wants It) In kwargs
-        kwargs = self.request.clean_parameters(self.func)
+        kwargs = self.request.clean_parameters(self.function_annotations)
 
         # 8. Call Endpoint
-        if is_function_async(self.func):
+        if self.is_function_async:
             response = await self.func(**kwargs)
         else:
             response = self.func(**kwargs)
@@ -153,48 +187,10 @@ class API:
 
         # 10. Set New Response To Cache
         if self.cache and self.request.method == 'GET':
-            await set_response_in_cache(request=self.request, response=response, cache_exp_time=self.cache_exp_time)
-
-        # 11. Warning CacheExpTime
-        if self.cache_exp_time and self.cache is False:
-            logger.warning('"cache_exp_time" won\'t work while "cache" is False')
+            await set_response_in_cache(request=self.request, response=response, duration=self.cache)
 
         return response
 
-    async def handle_authentication(self) -> None:
-        if self.auth:
-            if not config.AUTHENTICATION:
-                logger.critical('"AUTHENTICATION" has not been set in configs')
-                raise APIError
-            self.request.user = await config.AUTHENTICATION.authentication(self.request)
-
-    async def handle_throttling(self) -> None:
-        if throttling := self.throttling or config.THROTTLING:
-            if await get_throttling_from_cache(self.request, duration=throttling.duration) + 1 > throttling.rate:
-                raise ThrottlingAPIError
-
-            await increment_throttling_in_cache(self.request, duration=throttling.duration)
-
-    async def handle_permission(self) -> None:
-        for perm in self.permissions:
-            if type(perm.authorization).__name__ != 'method':
-                logger.error(f'{perm.__name__}.authorization should be "classmethod"')
-                raise AuthorizationAPIError
-            if await perm.authorization(self.request) is False:
-                raise AuthorizationAPIError
-
-    def handle_input_validation(self):
-        if self.input_model:
-            self.request.validated_data = self.validate_input(model=self.input_model, request=self.request)
-
-    @classmethod
-    def options(cls):
-        headers = {
-            'Access-Control-Allow-Methods': 'DELETE, GET, PATCH, POST, PUT, OPTIONS, HEAD',
-            'Access-Control-Allow-Headers': 'Accept, Authorization, User-Agent, Content-Type',
-        }
-        return Response(headers=headers)
-
     @classmethod
     def validate_input(cls, model, request: Request):
         if isinstance(request.data, bytes):
@@ -212,21 +208,15 @@ class API:
 
 
 class MetaGenericAPI(type):
-    def __new__(
-            cls,
-            cls_name: str,
-            bases: tuple[type[typing.Any], ...],
-            namespace: dict[str, typing.Any],
-            **kwargs
-    ):
+    def __new__(cls, cls_name: str, bases: tuple[type[typing.Any], ...], namespace: dict[str, typing.Any], **kwargs):
         if cls_name == 'GenericAPI':
             return super().__new__(cls, cls_name, bases, namespace)
         if 'output_model' in namespace:
             deprecation_message = (
-                    traceback.format_stack(limit=2)[0] +
-                    '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
-                    '\nPlease update your code to use the new approach. More info: '
-                    'https://pantherpy.github.io/open_api/'
+                traceback.format_stack(limit=2)[0]
+                + '\nThe `output_model` argument has been removed in Panther v5 and is no longer available.'
+                '\nPlease update your code to use the new approach. More info: '
+                'https://pantherpy.github.io/open_api/'
             )
             raise PantherError(deprecation_message)
         return super().__new__(cls, cls_name, bases, namespace)
@@ -236,15 +226,27 @@ class GenericAPI(metaclass=MetaGenericAPI):
     """
     Check out the documentation of `panther.app.API()`.
     """
+
     input_model: type[ModelSerializer] | type[BaseModel] | None = None
     output_schema: OutputSchema | None = None
     auth: bool = False
-    permissions: list | None = None
-    throttling: Throttling | None = None
-    cache: bool = False
-    cache_exp_time: timedelta | int | None = None
+    permissions: list[type[BasePermission]] | None = None
+    throttling: Throttle | None = None
+    cache: timedelta | None = None
     middlewares: list[HTTPMiddleware] | None = None
 
+    def __init_subclass__(cls, **kwargs):
+        # Creating API instance to validate the attributes.
+        API(
+            input_model=cls.input_model,
+            output_schema=cls.output_schema,
+            auth=cls.auth,
+            permissions=cls.permissions,
+            throttling=cls.throttling,
+            cache=cls.cache,
+            middlewares=cls.middlewares,
+        )
+
     async def get(self, *args, **kwargs):
         raise MethodNotAllowedAPIError
 
@@ -272,8 +274,6 @@ class GenericAPI(metaclass=MetaGenericAPI):
                 func = self.patch
             case 'DELETE':
                 func = self.delete
-            case 'OPTIONS':
-                func = API.options
             case _:
                 raise MethodNotAllowedAPIError
 
@@ -284,6 +284,5 @@ class GenericAPI(metaclass=MetaGenericAPI):
             permissions=self.permissions,
             throttling=self.throttling,
             cache=self.cache,
-            cache_exp_time=self.cache_exp_time,
             middlewares=self.middlewares,
         )(func)(request=request)