sanic-security 1.11.7__py3-none-any.whl → 1.12.1__py3-none-any.whl

sanic_security/test/tests.py

@@ -7,21 +7,25 @@ import httpx
 from sanic_security.configuration import Config
 
 """
-An effective, simple, and async security library for the Sanic framework.
-Copyright (C) 2020-present Aidan Stewart
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as published
-by the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
+Copyright (c) 2020-present Nicholas Aidan Stewart
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
 """
 
 
@@ -290,6 +294,21 @@ class LoginTest(TestCase):
         )
         assert authenticate_response.status_code == 200, authenticate_response.text
 
+    def test_anonymous_login(self):
+        """
+        Test login of anonymous user.
+        """
+        anon_login_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth/login/anon"
+        )
+        assert anon_login_response.status_code == 200, anon_login_response.text
+        authenticate_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth",
+        )
+        assert authenticate_response.status_code == 200, authenticate_response.text
+        logout_response = self.client.post("http://127.0.0.1:8000/api/test/auth/logout")
+        assert logout_response.status_code == 200, logout_response.text
+
 
 class VerificationTest(TestCase):
     """
@@ -468,6 +487,23 @@ class AuthorizationTest(TestCase):
             prohibited_authorization_response.status_code == 403
         ), prohibited_authorization_response.text
 
+    def test_anonymous_authorization(self):
+        anon_login_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth/login/anon"
+        )
+        assert anon_login_response.status_code == 200, anon_login_response.text
+        authenticate_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth",
+        )
+        assert authenticate_response.status_code == 200, authenticate_response.text
+        prohibited_authorization_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth/roles",
+            data={"role": "AuthTestPerms"},
+        )
+        assert (
+            prohibited_authorization_response.status_code == 403
+        ), prohibited_authorization_response.text
+
 
 class MiscTest(TestCase):
     """
@@ -511,3 +547,34 @@ class MiscTest(TestCase):
         assert (
             retrieve_associated_response.status_code == 200
         ), retrieve_associated_response.text
+
+    def test_authentication_refresh(self):
+        """
+        Test automatic authentication refresh.
+        """
+        self.client.post(
+            "http://127.0.0.1:8000/api/test/account",
+            data={
+                "email": "refreshed@misc.test",
+                "username": "refreshed",
+            },
+        )
+        login_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth/login",
+            auth=("refreshed@misc.test", "password"),
+        )
+        assert login_response.status_code == 200, login_response.text
+        expire_response = self.client.post("http://127.0.0.1:8000/api/test/auth/expire")
+        assert expire_response.status_code == 200, expire_response.text
+        authenticate_refresh_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth",
+        )
+        assert (
+            json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
+        ), authenticate_refresh_response.text
+        authenticate_response = self.client.post(
+            "http://127.0.0.1:8000/api/test/auth",
+        )  # Since session refresh handling is complete, it will be returned as a regular session now.
+        assert (
+            json.loads(authenticate_response.text)["data"]["refresh"] is False
+        ), authenticate_response.text

sanic_security/utils.py

@@ -1,27 +1,29 @@
 import datetime
 import random
-import string
 
 from sanic.request import Request
 from sanic.response import json as sanic_json, HTTPResponse
 
-
 """
-An effective, simple, and async security library for the Sanic framework.
-Copyright (C) 2020-present Aidan Stewart
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as published
-by the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
+Copyright (c) 2020-Present Nicholas Aidan Stewart
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
 """
 
 
@@ -45,10 +47,12 @@ def get_code() -> str:
     Returns:
         code
     """
-    return "".join(random.choices(string.digits + string.ascii_uppercase, k=6))
+    return str(random.randint(100000, 999999))
 
 
-def json(message: str, data, status_code: int = 200) -> HTTPResponse:
+def json(
+    message: str, data, status_code: int = 200
+) -> HTTPResponse:  # May be causing fixture error bc of json property
     """
     A preformatted Sanic json response.
 
@@ -76,7 +80,7 @@ def get_expiration_date(seconds: int) -> datetime.datetime:
         expiration_date
     """
     return (
-        datetime.datetime.utcnow() + datetime.timedelta(seconds=seconds)
+        datetime.datetime.now(datetime.UTC) + datetime.timedelta(seconds=seconds)
         if seconds > 0
         else None
     )

sanic_security/verification.py

@@ -15,21 +15,25 @@ from sanic_security.models import (
 )
 
 """
-An effective, simple, and async security library for the Sanic framework.
-Copyright (C) 2020-present Aidan Stewart
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as published
-by the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
+Copyright (c) 2020-present Nicholas Aidan Stewart
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
 """
 
 
@@ -122,10 +126,7 @@ def requires_two_step_verification(arg=None):
 
         return wrapper
 
-    if callable(arg):
-        return decorator(arg)
-    else:
-        return decorator
+    return decorator(arg) if callable(arg) else decorator
 
 
 async def verify_account(request: Request) -> TwoStepSession:

sanic_security-1.12.1.dist-info/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Nicholas Aidan Stewart
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.