pypomes-jwt 1.0.4__tar.gz → 1.0.6__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pypomes-jwt might be problematic. Click here for more details.

Files changed (9) hide show
  1. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/PKG-INFO +1 -1
  2. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/pyproject.toml +1 -1
  3. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/jwt_pomes.py +6 -7
  4. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/jwt_registry.py +15 -4
  5. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/.gitignore +0 -0
  6. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/LICENSE +0 -0
  7. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/README.md +0 -0
  8. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/__init__.py +0 -0
  9. {pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/jwt_constants.py +0 -0
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: pypomes_jwt
3
- Version: 1.0.4
3
+ Version: 1.0.6
4
4
  Summary: A collection of Python pomes, penyeach (JWT module)
5
5
  Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
6
6
  Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/pyproject.toml RENAMED
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
6
6
 
7
7
  [project]
8
8
  name = "pypomes_jwt"
9
- version = "1.0.4"
9
+ version = "1.0.6"
10
10
  authors = [
11
11
  { name="GT Nunes", email="wisecoder01@gmail.com" }
12
12
  ]
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/jwt_pomes.py RENAMED
@@ -52,16 +52,15 @@ def jwt_verify_request(request: Request) -> Response:
52
52
  auth_header: str = request.headers.get("Authorization")
53
53
 
54
54
  # was a 'Bearer' authorization obtained ?
55
- bad_token: bool = False
55
+ bad_token: bool = True
56
56
  if auth_header and auth_header.startswith("Bearer "):
57
57
  # yes, extract and validate the JWT access token
58
58
  token: str = auth_header.split(" ")[1]
59
59
  errors: list[str] = []
60
- jwt_validate_token(errors=errors,
61
- nature="A",
62
- token=token)
63
- if errors:
64
- bad_token = True
60
+ if jwt_validate_token(errors=errors,
61
+ nature="A",
62
+ token=token):
63
+ bad_token = False
65
64
 
66
65
  # deny the authorization
67
66
  if bad_token:
@@ -480,7 +479,7 @@ def jwt_refresh_tokens(errors: list[str] | None,
480
479
  logger.error(msg=f"Error refreshing the token pair: {exc_err}")
481
480
  op_errors.append(exc_err)
482
481
 
483
- # conclude the transaction
482
+ # wrap-up the transaction
484
483
  if op_errors:
485
484
  db_rollback(errors=op_errors,
486
485
  connection=db_conn,
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/src/pypomes_jwt/jwt_registry.py RENAMED
@@ -308,7 +308,7 @@ class JwtRegistry:
308
308
  committable=False,
309
309
  logger=logger)
310
310
 
311
- # conclude the transaction
311
+ # wrap-up the transaction
312
312
  if not db_conn:
313
313
  if errors:
314
314
  db_rollback(errors=errors,
@@ -362,7 +362,7 @@ def _jwt_persist_token(account_id: str,
362
362
  db_conn: Any,
363
363
  logger: Logger = None) -> int:
364
364
  """
365
- Persist the given token, making sure that the account limit is adhered to.
365
+ Persist the given token, making sure that the account limit is complied with.
366
366
 
367
367
  The tokens in storage, associated with *account_id*, are examined for their expiration timestamp.
368
368
  If a token's expiration timestamp is in the past, it is removed from storage. If the maximum number
@@ -399,6 +399,7 @@ def _jwt_persist_token(account_id: str,
399
399
  just_now: int = int(datetime.now(tz=timezone.utc).timestamp())
400
400
  oldest_ts: int = sys.maxsize
401
401
  oldest_id: int | None = None
402
+ existing_ids: list[int] = []
402
403
  expired: list[int] = []
403
404
  for rec in recs:
404
405
  token: str = rec[1]
@@ -420,6 +421,9 @@ def _jwt_persist_token(account_id: str,
420
421
  oldest_ts = iat
421
422
  oldest_id = token_id
422
423
 
424
+ # save token id
425
+ existing_ids.append(token_id)
426
+
423
427
  # remove expired tokens from persistence
424
428
  if expired:
425
429
  db_delete(errors=errors,
@@ -460,11 +464,18 @@ def _jwt_persist_token(account_id: str,
460
464
  if errors:
461
465
  raise RuntimeError("; ".join(errors))
462
466
 
463
- # obtain the token's storage id
467
+ # obtain and return the token's storage id
468
+ # HAZARD: JWT_DB_COL_TOKEN's column type might prevent it for being used in a WHERE clause
469
+ where_clause: str | None = None
470
+ if existing_ids:
471
+ where_clause = f"{JWT_DB_COL_KID} NOT IN {existing_ids}"
472
+ where_clause = where_clause.replace("[", "(", 1).replace("]", ")", 1)
464
473
  reply: list[tuple[int]] = db_select(errors=errors,
465
474
  sel_stmt=f"SELECT {JWT_DB_COL_KID} "
466
475
  f"FROM {JWT_DB_TABLE}",
467
- where_data={JWT_DB_COL_TOKEN: jwt_token},
476
+ where_clause=where_clause,
477
+ where_data={JWT_DB_COL_ACCOUNT: account_id},
478
+ require_count=1,
468
479
  connection=db_conn,
469
480
  committable=False,
470
481
  logger=logger)
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/.gitignore RENAMED
File without changes
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/LICENSE RENAMED
File without changes
{pypomes_jwt-1.0.4 → pypomes_jwt-1.0.6}/README.md RENAMED
File without changes