sanic-security 1.12.2__tar.gz → 1.12.3__tar.gz

{sanic_security-1.12.2/sanic_security.egg-info → sanic_security-1.12.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: sanic-security
-Version: 1.12.2
+Version: 1.12.3
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <na.stewart365@gmail.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -295,8 +295,6 @@ async def on_logout(request):
 
 * Authenticate
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 async def on_authenticate(request):
@@ -305,15 +303,11 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Requires Authentication (This method is not called directly and instead used as a decorator)
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 @requires_authentication
@@ -323,24 +317,22 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Authentication Middleware
 
-Refreshed session can be encoded automatically via middleware.
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
+
+Middleware is recommended to automatically encode the refreshed session.
 
 ```python
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 ```
 
 ## Captcha

{sanic_security-1.12.2 → sanic_security-1.12.3}/README.md

@@ -264,8 +264,6 @@ async def on_logout(request):
 
 * Authenticate
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 async def on_authenticate(request):
@@ -274,15 +272,11 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Requires Authentication (This method is not called directly and instead used as a decorator)
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 @requires_authentication
@@ -292,24 +286,22 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Authentication Middleware
 
-Refreshed session can be encoded automatically via middleware.
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
+
+Middleware is recommended to automatically encode the refreshed session.
 
 ```python
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 ```
 
 ## Captcha

{sanic_security-1.12.2 → sanic_security-1.12.3}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "sanic-security"
-version = "1.12.2"
+version = "1.12.3"
 requires-python = ">=3.8"
 dependencies = [
     "tortoise-orm>=0.17.0",

{sanic_security-1.12.2 → sanic_security-1.12.3}/sanic_security/authentication.py

@@ -223,6 +223,7 @@ async def authenticate(request: Request) -> AuthenticationSession:
             authentication_session.bearer.validate()
     except ExpiredError:
         authentication_session = await authentication_session.refresh(request)
+    request.ctx.authentication_session = authentication_session
     return authentication_session
 
 

{sanic_security-1.12.2 → sanic_security-1.12.3}/sanic_security/models.py

@@ -296,8 +296,13 @@ class Session(BaseModel):
             samesite=security_config.SESSION_SAMESITE,
             secure=security_config.SESSION_SECURE,
         )
-        if self.expiration_date:
-            response.cookies.get_cookie(cookie).expires = self.expiration_date
+        if self.expiration_date:  # Overrides refresh expiration.
+            if hasattr(self, "refresh_expiration_date"):
+                response.cookies.get_cookie(cookie).expires = (
+                    self.refresh_expiration_date
+                )
+            else:
+                response.cookies.get_cookie(cookie).expires = self.expiration_date
         if security_config.SESSION_DOMAIN:
             response.cookies.get_cookie(cookie).domain = security_config.SESSION_DOMAIN
 

{sanic_security-1.12.2 → sanic_security-1.12.3}/sanic_security/test/server.py

@@ -175,12 +175,10 @@ async def on_authenticate(request):
 
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 
 
 @app.post("api/test/auth/expire")

{sanic_security-1.12.2 → sanic_security-1.12.3/sanic_security.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: sanic-security
-Version: 1.12.2
+Version: 1.12.3
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <na.stewart365@gmail.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -295,8 +295,6 @@ async def on_logout(request):
 
 * Authenticate
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 async def on_authenticate(request):
@@ -305,15 +303,11 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Requires Authentication (This method is not called directly and instead used as a decorator)
 
-New/Refreshed session returned if client's session expired during authentication, requires encoding.
-
 ```python
 @app.post("api/security/auth")
 @requires_authentication
@@ -323,24 +317,22 @@ async def on_authenticate(request):
         "You have been authenticated.",
         authentication_session.json,
     )
-    if authentication_session.is_refresh:
-        authentication_session.encode(response)
     return response
 ```
 
 * Authentication Middleware
 
-Refreshed session can be encoded automatically via middleware.
+New/Refreshed session returned if client's session expired during authentication, requires encoding.
+
+Middleware is recommended to automatically encode the refreshed session.
 
 ```python
 @app.on_response
 async def authentication_refresh_encoder(request, response):
-    try:
+    if hasattr(request.ctx, "authentication_session"):
         authentication_session = request.ctx.authentication_session
         if authentication_session.is_refresh:
             authentication_session.encode(response)
-    except AttributeError:
-        pass
 ```
 
 ## Captcha