sanic-security 1.12.1__py3-none-any.whl → 1.12.2__py3-none-any.whl

sanic_security/authentication.py

@@ -198,7 +198,7 @@ async def fulfill_second_factor(request: Request) -> AuthenticationSession:
 async def authenticate(request: Request) -> AuthenticationSession:
     """
     Validates client's authentication session and account. New/Refreshed session automatically returned
-    if expired during authentication, requires encoding.
+    if client's session expired during authentication, requires encoding.
 
     Args:
         request (Request): Sanic request parameter.
@@ -228,8 +228,8 @@ async def authenticate(request: Request) -> AuthenticationSession:
 
 def requires_authentication(arg=None):
     """
-    Validates client's authentication session and account. New/Refreshed session automatically returned if expired
-    during authentication, requires encoding.
+    Validates client's authentication session and account. New/Refreshed session automatically returned
+    if client's session expired during authentication, requires encoding.
 
     Example:
         This method is not called directly and instead used as a decorator:

sanic_security/configuration.py

@@ -39,7 +39,7 @@ DEFAULT_CONFIG = {
     "CAPTCHA_FONT": "captcha-font.ttf",
     "TWO_STEP_SESSION_EXPIRATION": 300,
     "AUTHENTICATION_SESSION_EXPIRATION": 86400,
-    "AUTHENTICATION_REFRESH_EXPIRATION": 2592000,
+    "AUTHENTICATION_REFRESH_EXPIRATION": 604800,
     "ALLOW_LOGIN_WITH_USERNAME": False,
     "INITIAL_ADMIN_EMAIL": "admin@example.com",
     "INITIAL_ADMIN_PASSWORD": "admin123",
@@ -65,7 +65,7 @@ class Config(dict):
         CAPTCHA_FONT (str): The file path to the font being used for captcha generation.
         TWO_STEP_SESSION_EXPIRATION (int):  The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.
         AUTHENTICATION_SESSION_EXPIRATION (int): The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.
-        AUTHENTICATION_REFRESH_EXPIRATION (int): The amount of seconds till authentication session refresh expiration.
+        AUTHENTICATION_REFRESH_EXPIRATION (int): The amount of seconds till authentication session refresh expiration. Setting to 0 will disable refresh mechanism.
         ALLOW_LOGIN_WITH_USERNAME (bool): Allows login via username and email.
         INITIAL_ADMIN_EMAIL (str): Email used when creating the initial admin account.
         INITIAL_ADMIN_PASSWORD (str): Password used when creating the initial admin account.

sanic_security/models.py

@@ -566,7 +566,8 @@ class AuthenticationSession(Session):
             raise NotExpiredError()
         except ExpiredError as e:
             if (
-                datetime.datetime.now(datetime.timezone.utc)
+                self.refresh_expiration_date
+                and datetime.datetime.now(datetime.timezone.utc)
                 <= self.refresh_expiration_date
             ):
                 self.active = False

sanic_security/test/tests.py

@@ -570,8 +570,9 @@ class MiscTest(TestCase):
             "http://127.0.0.1:8000/api/test/auth",
         )
         assert (
-            json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
+            authenticate_refresh_response.status_code == 200
         ), authenticate_refresh_response.text
+        assert json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
         authenticate_response = self.client.post(
             "http://127.0.0.1:8000/api/test/auth",
         )  # Since session refresh handling is complete, it will be returned as a regular session now.

{sanic_security-1.12.1.dist-info → sanic_security-1.12.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: sanic-security
-Version: 1.12.1
+Version: 1.12.2
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <na.stewart365@gmail.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -156,7 +156,7 @@ You can load environment variables with a different prefix via `config.load_envi
 | **CAPTCHA_FONT**                      | captcha-font.ttf             | The file path to the font being used for captcha generation.                                                                     |
 | **TWO_STEP_SESSION_EXPIRATION**       | 200                          | The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.                        |
 | **AUTHENTICATION_SESSION_EXPIRATION** | 86400                        | The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.                  |
-| **AUTHENTICATION_REFRESH_EXPIRATION** | 2592000                      | The amount of seconds till authentication refresh expiration.                                                                    |
+| **AUTHENTICATION_REFRESH_EXPIRATION** | 604800                       | The amount of seconds till authentication refresh expiration. Setting to 0 will disable refresh mechanism.                       |
 | **ALLOW_LOGIN_WITH_USERNAME**         | False                        | Allows login via username and email.                                                                                             |
 | **INITIAL_ADMIN_EMAIL**               | admin@example.com            | Email used when creating the initial admin account.                                                                              |
 | **INITIAL_ADMIN_PASSWORD**            | admin123                     | Password used when creating the initial admin account.                                                                           |
@@ -295,7 +295,7 @@ async def on_logout(request):
 
 * Authenticate
 
-New/Refreshed session will be returned if expired, requires encoding.
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
 
 ```python
 @app.post("api/security/auth")
@@ -312,7 +312,7 @@ async def on_authenticate(request):
 
 * Requires Authentication (This method is not called directly and instead used as a decorator)
 
-New/Refreshed session will be returned if expired, requires encoding.
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
 
 ```python
 @app.post("api/security/auth")
@@ -328,9 +328,9 @@ async def on_authenticate(request):
     return response
 ```
 
-* Authentication Refresh Middleware
+* Authentication Middleware
 
-If it's inconvenient to encode the refreshed session during authentication, it can also be done automatically via middleware.
+Refreshed session can be encoded automatically via middleware.
 
 ```python
 @app.on_response

sanic_security-1.12.2.dist-info/RECORD

@@ -0,0 +1,16 @@
+sanic_security/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+sanic_security/authentication.py,sha256=j-nFOLuNBcacKH34J04JIbsKSZ2JMH33ZqnS6vipwfQ,12508
+sanic_security/authorization.py,sha256=aQztMiZG9LDctr_C6QEzO5qScwbxpiLk96XVxwdCChM,6921
+sanic_security/configuration.py,sha256=p44nTSrBQQSJZYN6qJEod_Ettf90rRNlmPxmNzxqQ9A,5514
+sanic_security/exceptions.py,sha256=8c3xoQSiIKfSiOQOtw49RG8Qdlc3vZDzqjrEnPad4Ds,5411
+sanic_security/models.py,sha256=aB1fFCutUHDAg8jG3_VdZijOblXnSYh99gyA5fOm1u4,20528
+sanic_security/utils.py,sha256=Zgde7W69ixwv_H8eTs7indO5_U2Jvq62YUpG6ipN768,2629
+sanic_security/verification.py,sha256=vrxYborEOBKEirOHczul9WYub5j6T2ldXE1gsoA8iyY,7503
+sanic_security/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+sanic_security/test/server.py,sha256=qQtbQh8m9QYf4g1SL8QJbOyyJzAXFaNmDyBxU8b6RBc,12627
+sanic_security/test/tests.py,sha256=Hg40wlZfC-CDZX6lIjeT6uXy-3BJMc4ChJsnCRCBIu8,22459
+sanic_security-1.12.2.dist-info/LICENSE,sha256=sXlJs9_mG-dCkPfWsDnuzydJWagS82E2gYtkVH9enHA,1100
+sanic_security-1.12.2.dist-info/METADATA,sha256=YRKIzZgdU5Ka7QXR3Q0DdAj5dnNgHVh4P9vaVi03wV0,23954
+sanic_security-1.12.2.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91
+sanic_security-1.12.2.dist-info/top_level.txt,sha256=ZybkhHXSjfzhmv8XeqLvnNmLmv21Z0oPX6Ep4DJN8b0,15
+sanic_security-1.12.2.dist-info/RECORD,,

{sanic_security-1.12.1.dist-info → sanic_security-1.12.2.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (70.1.0)
+Generator: setuptools (70.1.1)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

sanic_security-1.12.1.dist-info/RECORD

@@ -1,16 +0,0 @@
-sanic_security/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sanic_security/authentication.py,sha256=ucOdF-g00BmztFAqFf7gy03PIwVXU0Jp0Y8NNC5OwAw,12474
-sanic_security/authorization.py,sha256=aQztMiZG9LDctr_C6QEzO5qScwbxpiLk96XVxwdCChM,6921
-sanic_security/configuration.py,sha256=U-xUgceT5ZRjbxYocrzhxyJYFBkobCrlxLNMVGJNX2k,5470
-sanic_security/exceptions.py,sha256=8c3xoQSiIKfSiOQOtw49RG8Qdlc3vZDzqjrEnPad4Ds,5411
-sanic_security/models.py,sha256=Kia53ynvlcw7QzePC7_vzNlFlIK89QTPcIAMpqfi1yo,20478
-sanic_security/utils.py,sha256=Zgde7W69ixwv_H8eTs7indO5_U2Jvq62YUpG6ipN768,2629
-sanic_security/verification.py,sha256=vrxYborEOBKEirOHczul9WYub5j6T2ldXE1gsoA8iyY,7503
-sanic_security/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sanic_security/test/server.py,sha256=qQtbQh8m9QYf4g1SL8QJbOyyJzAXFaNmDyBxU8b6RBc,12627
-sanic_security/test/tests.py,sha256=e8J_QfX4QPJT0mxkB1tWBrK_2lrPNtGR8RFXYoQ2kOo,22394
-sanic_security-1.12.1.dist-info/LICENSE,sha256=sXlJs9_mG-dCkPfWsDnuzydJWagS82E2gYtkVH9enHA,1100
-sanic_security-1.12.1.dist-info/METADATA,sha256=Z2-rbZpVQm_obMP3sqeAoI3Ge3WbhM9EjsPtTPMjYXM,23963
-sanic_security-1.12.1.dist-info/WHEEL,sha256=cpQTJ5IWu9CdaPViMhC9YzF8gZuS5-vlfoFihTBC86A,91
-sanic_security-1.12.1.dist-info/top_level.txt,sha256=ZybkhHXSjfzhmv8XeqLvnNmLmv21Z0oPX6Ep4DJN8b0,15
-sanic_security-1.12.1.dist-info/RECORD,,