sanic-security 1.11.7__py3-none-any.whl → 1.12.1__py3-none-any.whl

@@ -7,21 +7,25 @@ import httpx
7
7
  from sanic_security.configuration import Config
8
8
 
9
9
  """
10
- An effective, simple, and async security library for the Sanic framework.
11
- Copyright (C) 2020-present Aidan Stewart
12
-
13
- This program is free software: you can redistribute it and/or modify
14
- it under the terms of the GNU Affero General Public License as published
15
- by the Free Software Foundation, either version 3 of the License, or
16
- (at your option) any later version.
17
-
18
- This program is distributed in the hope that it will be useful,
19
- but WITHOUT ANY WARRANTY; without even the implied warranty of
20
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21
- GNU Affero General Public License for more details.
22
-
23
- You should have received a copy of the GNU Affero General Public License
24
- along with this program. If not, see <https://www.gnu.org/licenses/>.
10
+ Copyright (c) 2020-present Nicholas Aidan Stewart
11
+
12
+ Permission is hereby granted, free of charge, to any person obtaining a copy
13
+ of this software and associated documentation files (the "Software"), to deal
14
+ in the Software without restriction, including without limitation the rights
15
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
16
+ copies of the Software, and to permit persons to whom the Software is
17
+ furnished to do so, subject to the following conditions:
18
+
19
+ The above copyright notice and this permission notice shall be included in all
20
+ copies or substantial portions of the Software.
21
+
22
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
23
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
24
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
25
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
26
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
27
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
28
+ SOFTWARE.
25
29
  """
26
30
 
27
31
 
@@ -290,6 +294,21 @@ class LoginTest(TestCase):
290
294
  )
291
295
  assert authenticate_response.status_code == 200, authenticate_response.text
292
296
 
297
+ def test_anonymous_login(self):
298
+ """
299
+ Test login of anonymous user.
300
+ """
301
+ anon_login_response = self.client.post(
302
+ "http://127.0.0.1:8000/api/test/auth/login/anon"
303
+ )
304
+ assert anon_login_response.status_code == 200, anon_login_response.text
305
+ authenticate_response = self.client.post(
306
+ "http://127.0.0.1:8000/api/test/auth",
307
+ )
308
+ assert authenticate_response.status_code == 200, authenticate_response.text
309
+ logout_response = self.client.post("http://127.0.0.1:8000/api/test/auth/logout")
310
+ assert logout_response.status_code == 200, logout_response.text
311
+
293
312
 
294
313
  class VerificationTest(TestCase):
295
314
  """
@@ -468,6 +487,23 @@ class AuthorizationTest(TestCase):
468
487
  prohibited_authorization_response.status_code == 403
469
488
  ), prohibited_authorization_response.text
470
489
 
490
+ def test_anonymous_authorization(self):
491
+ anon_login_response = self.client.post(
492
+ "http://127.0.0.1:8000/api/test/auth/login/anon"
493
+ )
494
+ assert anon_login_response.status_code == 200, anon_login_response.text
495
+ authenticate_response = self.client.post(
496
+ "http://127.0.0.1:8000/api/test/auth",
497
+ )
498
+ assert authenticate_response.status_code == 200, authenticate_response.text
499
+ prohibited_authorization_response = self.client.post(
500
+ "http://127.0.0.1:8000/api/test/auth/roles",
501
+ data={"role": "AuthTestPerms"},
502
+ )
503
+ assert (
504
+ prohibited_authorization_response.status_code == 403
505
+ ), prohibited_authorization_response.text
506
+
471
507
 
472
508
  class MiscTest(TestCase):
473
509
  """
@@ -511,3 +547,34 @@ class MiscTest(TestCase):
511
547
  assert (
512
548
  retrieve_associated_response.status_code == 200
513
549
  ), retrieve_associated_response.text
550
+
551
+ def test_authentication_refresh(self):
552
+ """
553
+ Test automatic authentication refresh.
554
+ """
555
+ self.client.post(
556
+ "http://127.0.0.1:8000/api/test/account",
557
+ data={
558
+ "email": "refreshed@misc.test",
559
+ "username": "refreshed",
560
+ },
561
+ )
562
+ login_response = self.client.post(
563
+ "http://127.0.0.1:8000/api/test/auth/login",
564
+ auth=("refreshed@misc.test", "password"),
565
+ )
566
+ assert login_response.status_code == 200, login_response.text
567
+ expire_response = self.client.post("http://127.0.0.1:8000/api/test/auth/expire")
568
+ assert expire_response.status_code == 200, expire_response.text
569
+ authenticate_refresh_response = self.client.post(
570
+ "http://127.0.0.1:8000/api/test/auth",
571
+ )
572
+ assert (
573
+ json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
574
+ ), authenticate_refresh_response.text
575
+ authenticate_response = self.client.post(
576
+ "http://127.0.0.1:8000/api/test/auth",
577
+ ) # Since session refresh handling is complete, it will be returned as a regular session now.
578
+ assert (
579
+ json.loads(authenticate_response.text)["data"]["refresh"] is False
580
+ ), authenticate_response.text
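Review bot: In `test_authentication_refresh`, the account-creation `self.client.post(...)` discards its response, so a failed setup only surfaces later as a login failure with a misleading message. Bind it and assert on it as the other calls do, e.g. `account_response = self.client.post(...)` followed by `assert account_response.status_code == 200, account_response.text` (assuming that endpoint returns 200 on success, which this diff does not show). `test_anonymous_authorization` is also the only added test without a docstring; `"""Test that an anonymous session is denied role-based authorization."""` would match its siblings. If the library limits how long after expiry a session may still be refreshed, a companion test asserting rejection past that limit would be worth adding, since this diff only covers the path where the refresh is granted.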
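--- a/sanic_security/utils.py
+++ b/sanic_security/utils.py
@@ -1,27 +1,29 @@
  import datetime
  import random
- import string
 
  from sanic.request import Request
  from sanic.response import json as sanic_json, HTTPResponse
 
-
  """
- An effective, simple, and async security library for the Sanic framework.
- Copyright (C) 2020-present Aidan Stewart
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <https://www.gnu.org/licenses/>.
+ Copyright (c) 2020-Present Nicholas Aidan Stewart
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
  """
 
 
@@ -45,10 +47,12 @@ def get_code() -> str:
  Returns:
  code
  """
- return "".join(random.choices(string.digits + string.ascii_uppercase, k=6))
+ return str(random.randint(100000, 999999))
 
 
- def json(message: str, data, status_code: int = 200) -> HTTPResponse:
+ def json(
+ message: str, data, status_code: int = 200
+ ) -> HTTPResponse: # May be causing fixture error bc of json property
  """
  A preformatted Sanic json response.
 
@@ -76,7 +80,7 @@ def get_expiration_date(seconds: int) -> datetime.datetime:
  expiration_date
  """
  return (
- datetime.datetime.utcnow() + datetime.timedelta(seconds=seconds)
+ datetime.datetime.now(datetime.UTC) + datetime.timedelta(seconds=seconds)
  if seconds > 0
  else None
  )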
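Review bot: The new `get_code` body, `return str(random.randint(100000, 999999))`, still draws from the non-cryptographic `random` module and cuts the code space from 36^6 (about 2.2 billion) alphanumeric values to 900,000 numeric ones. If these codes gate two-step verification, as the `requires_two_step_verification` decorator elsewhere in this diff suggests, they should come from a CSPRNG: add `import secrets` and use `return str(secrets.randbelow(900000) + 100000)`. With only 900,000 possible values the check also depends on a strict attempt limit and a short expiry on the session holding the code; neither is visible in this diff. Separately, `datetime.datetime.now(datetime.UTC)` in `get_expiration_date` needs Python 3.11+ and returns an aware datetime where `utcnow()` returned a naive one, so any comparison against a naive stored value would raise `TypeError`.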
@@ -15,21 +15,25 @@ from sanic_security.models import (
15
15
  )
16
16
 
17
17
  """
18
- An effective, simple, and async security library for the Sanic framework.
19
- Copyright (C) 2020-present Aidan Stewart
20
-
21
- This program is free software: you can redistribute it and/or modify
22
- it under the terms of the GNU Affero General Public License as published
23
- by the Free Software Foundation, either version 3 of the License, or
24
- (at your option) any later version.
25
-
26
- This program is distributed in the hope that it will be useful,
27
- but WITHOUT ANY WARRANTY; without even the implied warranty of
28
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29
- GNU Affero General Public License for more details.
30
-
31
- You should have received a copy of the GNU Affero General Public License
32
- along with this program. If not, see <https://www.gnu.org/licenses/>.
18
+ Copyright (c) 2020-present Nicholas Aidan Stewart
19
+
20
+ Permission is hereby granted, free of charge, to any person obtaining a copy
21
+ of this software and associated documentation files (the "Software"), to deal
22
+ in the Software without restriction, including without limitation the rights
23
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
24
+ copies of the Software, and to permit persons to whom the Software is
25
+ furnished to do so, subject to the following conditions:
26
+
27
+ The above copyright notice and this permission notice shall be included in all
28
+ copies or substantial portions of the Software.
29
+
30
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
31
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
32
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
33
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
34
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
35
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
36
+ SOFTWARE.
33
37
  """
34
38
 
35
39
 
@@ -122,10 +126,7 @@ def requires_two_step_verification(arg=None):
122
126
 
123
127
  return wrapper
124
128
 
125
- if callable(arg):
126
- return decorator(arg)
127
- else:
128
- return decorator
129
+ return decorator(arg) if callable(arg) else decorator
129
130
 
130
131
 
131
132
  async def verify_account(request: Request) -> TwoStepSession:
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2024 Nicholas Aidan Stewart
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.