sanic-security 1.12.1__py3-none-any.whl → 1.12.3__py3-none-any.whl

sanic_security/authentication.py

@@ -198,7 +198,7 @@ async def fulfill_second_factor(request: Request) -> AuthenticationSession:
 async def authenticate(request: Request) -> AuthenticationSession:
     """
     Validates client's authentication session and account. New/Refreshed session automatically returned
-    if expired during authentication, requires encoding.
+    if client's session expired during authentication, requires encoding.
 
     Args:
         request (Request): Sanic request parameter.
@@ -223,13 +223,14 @@ async def authenticate(request: Request) -> AuthenticationSession:
             authentication_session.bearer.validate()
     except ExpiredError:
         authentication_session = await authentication_session.refresh(request)
+    request.ctx.authentication_session = authentication_session
     return authentication_session
 
 
 def requires_authentication(arg=None):
     """
-    Validates client's authentication session and account. New/Refreshed session automatically returned if expired
-    during authentication, requires encoding.
+    Validates client's authentication session and account. New/Refreshed session automatically returned
+    if client's session expired during authentication, requires encoding.
 
     Example:
         This method is not called directly and instead used as a decorator:

sanic_security/configuration.py

@@ -39,7 +39,7 @@ DEFAULT_CONFIG = {
     "CAPTCHA_FONT": "captcha-font.ttf",
     "TWO_STEP_SESSION_EXPIRATION": 300,
     "AUTHENTICATION_SESSION_EXPIRATION": 86400,
-    "AUTHENTICATION_REFRESH_EXPIRATION": 2592000,
+    "AUTHENTICATION_REFRESH_EXPIRATION": 604800,
     "ALLOW_LOGIN_WITH_USERNAME": False,
     "INITIAL_ADMIN_EMAIL": "admin@example.com",
     "INITIAL_ADMIN_PASSWORD": "admin123",
@@ -65,7 +65,7 @@ class Config(dict):
         CAPTCHA_FONT (str): The file path to the font being used for captcha generation.
         TWO_STEP_SESSION_EXPIRATION (int):  The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.
         AUTHENTICATION_SESSION_EXPIRATION (int): The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.
-        AUTHENTICATION_REFRESH_EXPIRATION (int): The amount of seconds till authentication session refresh expiration.
+        AUTHENTICATION_REFRESH_EXPIRATION (int): The amount of seconds till authentication session refresh expiration. Setting to 0 will disable refresh mechanism.
         ALLOW_LOGIN_WITH_USERNAME (bool): Allows login via username and email.
         INITIAL_ADMIN_EMAIL (str): Email used when creating the initial admin account.
         INITIAL_ADMIN_PASSWORD (str): Password used when creating the initial admin account.

sanic_security/models.py

@@ -296,8 +296,13 @@ class Session(BaseModel):
             samesite=security_config.SESSION_SAMESITE,
             secure=security_config.SESSION_SECURE,
         )
-        if self.expiration_date:
-            response.cookies.get_cookie(cookie).expires = self.expiration_date
+        if self.expiration_date:  # Overrides refresh expiration.
+            if hasattr(self, "refresh_expiration_date"):
+                response.cookies.get_cookie(cookie).expires = (
+                    self.refresh_expiration_date
+                )
+            else:
+                response.cookies.get_cookie(cookie).expires = self.expiration_date
         if security_config.SESSION_DOMAIN:
             response.cookies.get_cookie(cookie).domain = security_config.SESSION_DOMAIN
 
@@ -566,7 +571,8 @@ class AuthenticationSession(Session):
             raise NotExpiredError()
         except ExpiredError as e:
             if (
-                datetime.datetime.now(datetime.timezone.utc)
+                self.refresh_expiration_date
+                and datetime.datetime.now(datetime.timezone.utc)
                 <= self.refresh_expiration_date
             ):
                 self.active = False

sanic_security/test/server.py

@@ -175,12 +175,10 @@ async def on_authenticate(request):
 
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 
 
 @app.post("api/test/auth/expire")

sanic_security/test/tests.py

@@ -570,8 +570,9 @@ class MiscTest(TestCase):
             "http://127.0.0.1:8000/api/test/auth",
         )
         assert (
-            json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
+            authenticate_refresh_response.status_code == 200
         ), authenticate_refresh_response.text
+        assert json.loads(authenticate_refresh_response.text)["data"]["refresh"] is True
         authenticate_response = self.client.post(
             "http://127.0.0.1:8000/api/test/auth",
         )  # Since session refresh handling is complete, it will be returned as a regular session now.

{sanic_security-1.12.1.dist-info → sanic_security-1.12.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: sanic-security
-Version: 1.12.1
+Version: 1.12.3
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <na.stewart365@gmail.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -156,7 +156,7 @@ You can load environment variables with a different prefix via `config.load_envi
 | **CAPTCHA_FONT**                      | captcha-font.ttf             | The file path to the font being used for captcha generation.                                                                     |
 | **TWO_STEP_SESSION_EXPIRATION**       | 200                          | The amount of seconds till two-step session expiration on creation. Setting to 0 will disable expiration.                        |
 | **AUTHENTICATION_SESSION_EXPIRATION** | 86400                        | The amount of seconds till authentication session expiration on creation. Setting to 0 will disable expiration.                  |
-| **AUTHENTICATION_REFRESH_EXPIRATION** | 2592000                      | The amount of seconds till authentication refresh expiration.                                                                    |
+| **AUTHENTICATION_REFRESH_EXPIRATION** | 604800                       | The amount of seconds till authentication refresh expiration. Setting to 0 will disable refresh mechanism.                       |
 | **ALLOW_LOGIN_WITH_USERNAME**         | False                        | Allows login via username and email.                                                                                             |
 | **INITIAL_ADMIN_EMAIL**               | admin@example.com            | Email used when creating the initial admin account.                                                                              |
 | **INITIAL_ADMIN_PASSWORD**            | admin123                     | Password used when creating the initial admin account.                                                                           |
@@ -295,8 +295,6 @@ async def on_logout(request):
 
 * Authenticate
 
-New/Refreshed session will be returned if expired, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 async def on_authenticate(request):
@@ -305,15 +303,11 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Requires Authentication (This method is not called directly and instead used as a decorator)
 
-New/Refreshed session will be returned if expired, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 @requires_authentication
@@ -323,24 +317,22 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
-* Authentication Refresh Middleware
+* Authentication Middleware
+
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
 
-If it's inconvenient to encode the refreshed session during authentication, it can also be done automatically via middleware.
+Middleware is recommended to automatically encode the refreshed session.
 
 ```python
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 ```
 
 ## Captcha

sanic_security-1.12.3.dist-info/RECORD

@@ -0,0 +1,16 @@
+sanic_security/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+sanic_security/authentication.py,sha256=E17jQg1gD06CTRk7l9q8EUzgeAEXn2J0E02Va-QYx9I,12573
+sanic_security/authorization.py,sha256=aQztMiZG9LDctr_C6QEzO5qScwbxpiLk96XVxwdCChM,6921
+sanic_security/configuration.py,sha256=p44nTSrBQQSJZYN6qJEod_Ettf90rRNlmPxmNzxqQ9A,5514
+sanic_security/exceptions.py,sha256=8c3xoQSiIKfSiOQOtw49RG8Qdlc3vZDzqjrEnPad4Ds,5411
+sanic_security/models.py,sha256=OEvO4xUh_7QCdwfaiKt51T3fmn3MJSrIcM1TszDfqgg,20776
+sanic_security/utils.py,sha256=Zgde7W69ixwv_H8eTs7indO5_U2Jvq62YUpG6ipN768,2629
+sanic_security/verification.py,sha256=vrxYborEOBKEirOHczul9WYub5j6T2ldXE1gsoA8iyY,7503
+sanic_security/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+sanic_security/test/server.py,sha256=G5q7mzTUxOpKlhbzNbzTZYSWd6g8a0toOFX9qTA_nVg,12631
+sanic_security/test/tests.py,sha256=Hg40wlZfC-CDZX6lIjeT6uXy-3BJMc4ChJsnCRCBIu8,22459
+sanic_security-1.12.3.dist-info/LICENSE,sha256=sXlJs9_mG-dCkPfWsDnuzydJWagS82E2gYtkVH9enHA,1100
+sanic_security-1.12.3.dist-info/METADATA,sha256=Xaqk6JqUV3Y7IafPDQ85k7VTaghTLTQGtbLpKiZ7gEo,23680
+sanic_security-1.12.3.dist-info/WHEEL,sha256=Z4pYXqR_rTB7OWNDYFOm1qRk0RX6GFP2o8LgvP453Hk,91
+sanic_security-1.12.3.dist-info/top_level.txt,sha256=ZybkhHXSjfzhmv8XeqLvnNmLmv21Z0oPX6Ep4DJN8b0,15
+sanic_security-1.12.3.dist-info/RECORD,,

{sanic_security-1.12.1.dist-info → sanic_security-1.12.3.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (70.1.0)
+Generator: setuptools (70.3.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

sanic_security-1.12.1.dist-info/RECORD

@@ -1,16 +0,0 @@
-sanic_security/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sanic_security/authentication.py,sha256=ucOdF-g00BmztFAqFf7gy03PIwVXU0Jp0Y8NNC5OwAw,12474
-sanic_security/authorization.py,sha256=aQztMiZG9LDctr_C6QEzO5qScwbxpiLk96XVxwdCChM,6921
-sanic_security/configuration.py,sha256=U-xUgceT5ZRjbxYocrzhxyJYFBkobCrlxLNMVGJNX2k,5470
-sanic_security/exceptions.py,sha256=8c3xoQSiIKfSiOQOtw49RG8Qdlc3vZDzqjrEnPad4Ds,5411
-sanic_security/models.py,sha256=Kia53ynvlcw7QzePC7_vzNlFlIK89QTPcIAMpqfi1yo,20478
-sanic_security/utils.py,sha256=Zgde7W69ixwv_H8eTs7indO5_U2Jvq62YUpG6ipN768,2629
-sanic_security/verification.py,sha256=vrxYborEOBKEirOHczul9WYub5j6T2ldXE1gsoA8iyY,7503
-sanic_security/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sanic_security/test/server.py,sha256=qQtbQh8m9QYf4g1SL8QJbOyyJzAXFaNmDyBxU8b6RBc,12627
-sanic_security/test/tests.py,sha256=e8J_QfX4QPJT0mxkB1tWBrK_2lrPNtGR8RFXYoQ2kOo,22394
-sanic_security-1.12.1.dist-info/LICENSE,sha256=sXlJs9_mG-dCkPfWsDnuzydJWagS82E2gYtkVH9enHA,1100
-sanic_security-1.12.1.dist-info/METADATA,sha256=Z2-rbZpVQm_obMP3sqeAoI3Ge3WbhM9EjsPtTPMjYXM,23963
-sanic_security-1.12.1.dist-info/WHEEL,sha256=cpQTJ5IWu9CdaPViMhC9YzF8gZuS5-vlfoFihTBC86A,91
-sanic_security-1.12.1.dist-info/top_level.txt,sha256=ZybkhHXSjfzhmv8XeqLvnNmLmv21Z0oPX6Ep4DJN8b0,15
-sanic_security-1.12.1.dist-info/RECORD,,