sanic-security 1.16.7__tar.gz → 1.16.9__tar.gz

{sanic_security-1.16.7/sanic_security.egg-info → sanic_security-1.16.9}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: sanic-security
-Version: 1.16.7
+Version: 1.16.9
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <me@na-stewart.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -29,15 +29,7 @@ Requires-Dist: pdoc3; extra == "dev"
 Requires-Dist: cryptography; extra == "dev"
 Provides-Extra: crypto
 Requires-Dist: cryptography>=3.3.1; extra == "crypto"
-
-<!-- PROJECT SHIELDS -->
-<!--
-*** I'm using markdown "reference style" links for readability.
-*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
-*** See the bottom of this document for the declaration of the reference variables
-*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
-*** https://www.markdownguide.org/basic-syntax/#reference-style-links
--->
+Dynamic: license-file
 
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
 [![Downloads](https://static.pepy.tech/badge/sanic-security)](https://pepy.tech/project/sanic-security)
@@ -79,7 +71,7 @@ Requires-Dist: cryptography>=3.3.1; extra == "crypto"
 ## About The Project
 
 Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) framework.
+[Sanic](https://github.com/huge-success/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -94,16 +86,16 @@ Visit [security.na-stewart.com](https://security.na-stewart.com) for documentati
 <!-- GETTING STARTED -->
 ## Getting Started
 
-In order to get started, please install [PyPI](https://pypi.org/).
+In order to get started, please install [PyPI](https://pypi.org/) (likely included with your Python build).
 
 ### Installation
 
-* Install the Sanic Security pip package.
+* Install the Sanic Security package.
 ```shell
 pip3 install sanic-security
 ````
 
-* Install the Sanic Security pip package with the `cryptography` dependency included.
+* Install the Sanic Security package with the [cryptography](https://github.com/pyca/cryptography) dependency included.
 
 If you're planning on encoding or decoding JWTs using certain digital signature algorithms (like RSA or ECDSA which use 
 the public secret and private secret), you will need to install the `cryptography` library. This can be installed explicitly, or 
@@ -113,7 +105,7 @@ as an extra requirement.
 pip3 install sanic-security[crypto]
 ````
 
-* Install the Sanic Security pip package with the `httpx-oauth` dependency included.
+* Install the Sanic Security package with the [httpx-oauth](https://github.com/frankie567/httpx-oauth) dependency included.
 
 If you're planning on utilizing OAuth, you will need to install the `httpx-oauth` library. This can be installed explicitly, or 
 as an extra requirement.
@@ -130,8 +122,7 @@ pip3 install sanic-security --upgrade
 
 ### Configuration
 
-Sanic Security configuration is merely an object that can be modified either using dot-notation or like a 
-dictionary.
+Sanic Security configuration is merely an object that can be modified either using dot-notation or like a dictionary.
 
 For example: 
 
@@ -139,7 +130,7 @@ For example:
 from sanic_security.configuration import config as security_config
 
 security_config.SECRET = "This is a big secret. Shhhhh"
-security_config["CAPTCHA_FONT"] = "./resources/captcha-font.ttf"
+security_config["CAPTCHA_FONT"] = "resources/captcha-font.ttf"
 ```
 
 You can also use the update() method like on regular dictionaries.
@@ -176,8 +167,7 @@ You can load environment variables with a different prefix via `security_config.
 
 ## Usage
 
-Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent
-along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
+Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
 
 * Initialize Sanic Security as follows:
 ```python
@@ -267,7 +257,7 @@ async def on_oauth_token(request):
 
 ## Authentication
   
-* Registration (With two-step account verification)
+* Registration (with two-step account verification)
 
 Phone can be null or empty.
 
@@ -310,7 +300,7 @@ async def on_verify(request):
     )
 ```
 
-* Login (With two-factor authentication)
+* Login (with two-factor authentication)
 
 Credentials are retrieved via header are constructed by first combining the username and the password with a colon 
 (aladdin:opensesame), and then by encoding the resulting string in base64 (YWxhZGRpbjpvcGVuc2VzYW1l). 
@@ -399,7 +389,7 @@ async def on_authenticate(request):
     return response
 ```
 
-* Requires Authentication (This method is not called directly and instead used as a decorator)
+* Requires Authentication (this method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/auth")
@@ -450,7 +440,7 @@ async def on_captcha(request):
     return json("Captcha attempt successful!", captcha_session.json)
 ```
 
-* Requires CAPTCHA (This method is not called directly and instead used as a decorator)
+* Requires CAPTCHA (this method is not called directly and instead used as a decorator)
 
 | Key         | Value  |
 |-------------|--------|
@@ -511,7 +501,7 @@ async def on_two_step_verification(request):
     return response
 ```
 
-* Requires Two-step Verification (This method is not called directly and instead used as a decorator)
+* Requires Two-step Verification (this method is not called directly and instead used as a decorator)
 
 | Key      | Value  |
 |----------|--------|
@@ -564,7 +554,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (This method is not called directly and instead used as a decorator.)
+* Require Permissions (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")

{sanic_security-1.16.7 → sanic_security-1.16.9}/README.md

@@ -1,12 +1,3 @@
-<!-- PROJECT SHIELDS -->
-<!--
-*** I'm using markdown "reference style" links for readability.
-*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
-*** See the bottom of this document for the declaration of the reference variables
-*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
-*** https://www.markdownguide.org/basic-syntax/#reference-style-links
--->
-
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
 [![Downloads](https://static.pepy.tech/badge/sanic-security)](https://pepy.tech/project/sanic-security)
 [![Conda Downloads](https://img.shields.io/conda/dn/conda-forge/sanic-security.svg)](https://anaconda.org/conda-forge/sanic-security)
@@ -47,7 +38,7 @@
 ## About The Project
 
 Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) framework.
+[Sanic](https://github.com/huge-success/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -62,16 +53,16 @@ Visit [security.na-stewart.com](https://security.na-stewart.com) for documentati
 <!-- GETTING STARTED -->
 ## Getting Started
 
-In order to get started, please install [PyPI](https://pypi.org/).
+In order to get started, please install [PyPI](https://pypi.org/) (likely included with your Python build).
 
 ### Installation
 
-* Install the Sanic Security pip package.
+* Install the Sanic Security package.
 ```shell
 pip3 install sanic-security
 ````
 
-* Install the Sanic Security pip package with the `cryptography` dependency included.
+* Install the Sanic Security package with the [cryptography](https://github.com/pyca/cryptography) dependency included.
 
 If you're planning on encoding or decoding JWTs using certain digital signature algorithms (like RSA or ECDSA which use 
 the public secret and private secret), you will need to install the `cryptography` library. This can be installed explicitly, or 
@@ -81,7 +72,7 @@ as an extra requirement.
 pip3 install sanic-security[crypto]
 ````
 
-* Install the Sanic Security pip package with the `httpx-oauth` dependency included.
+* Install the Sanic Security package with the [httpx-oauth](https://github.com/frankie567/httpx-oauth) dependency included.
 
 If you're planning on utilizing OAuth, you will need to install the `httpx-oauth` library. This can be installed explicitly, or 
 as an extra requirement.
@@ -98,8 +89,7 @@ pip3 install sanic-security --upgrade
 
 ### Configuration
 
-Sanic Security configuration is merely an object that can be modified either using dot-notation or like a 
-dictionary.
+Sanic Security configuration is merely an object that can be modified either using dot-notation or like a dictionary.
 
 For example: 
 
@@ -107,7 +97,7 @@ For example:
 from sanic_security.configuration import config as security_config
 
 security_config.SECRET = "This is a big secret. Shhhhh"
-security_config["CAPTCHA_FONT"] = "./resources/captcha-font.ttf"
+security_config["CAPTCHA_FONT"] = "resources/captcha-font.ttf"
 ```
 
 You can also use the update() method like on regular dictionaries.
@@ -144,8 +134,7 @@ You can load environment variables with a different prefix via `security_config.
 
 ## Usage
 
-Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent
-along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
+Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
 
 * Initialize Sanic Security as follows:
 ```python
@@ -235,7 +224,7 @@ async def on_oauth_token(request):
 
 ## Authentication
   
-* Registration (With two-step account verification)
+* Registration (with two-step account verification)
 
 Phone can be null or empty.
 
@@ -278,7 +267,7 @@ async def on_verify(request):
     )
 ```
 
-* Login (With two-factor authentication)
+* Login (with two-factor authentication)
 
 Credentials are retrieved via header are constructed by first combining the username and the password with a colon 
 (aladdin:opensesame), and then by encoding the resulting string in base64 (YWxhZGRpbjpvcGVuc2VzYW1l). 
@@ -367,7 +356,7 @@ async def on_authenticate(request):
     return response
 ```
 
-* Requires Authentication (This method is not called directly and instead used as a decorator)
+* Requires Authentication (this method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/auth")
@@ -418,7 +407,7 @@ async def on_captcha(request):
     return json("Captcha attempt successful!", captcha_session.json)
 ```
 
-* Requires CAPTCHA (This method is not called directly and instead used as a decorator)
+* Requires CAPTCHA (this method is not called directly and instead used as a decorator)
 
 | Key         | Value  |
 |-------------|--------|
@@ -479,7 +468,7 @@ async def on_two_step_verification(request):
     return response
 ```
 
-* Requires Two-step Verification (This method is not called directly and instead used as a decorator)
+* Requires Two-step Verification (this method is not called directly and instead used as a decorator)
 
 | Key      | Value  |
 |----------|--------|
@@ -532,7 +521,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (This method is not called directly and instead used as a decorator.)
+* Require Permissions (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")
@@ -650,4 +639,4 @@ Distributed under the MIT License. See `LICENSE` for more information.
 
 * PATCH version when you make backwards compatible bug fixes.
 
-[https://semver.org/](https://semver.org/)
+[https://semver.org/](https://semver.org/)

{sanic_security-1.16.7 → sanic_security-1.16.9}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "sanic-security"
-version = "1.16.7"
+version = "1.16.9"
 requires-python = ">=3.8"
 dependencies = [
     "tortoise-orm>=0.17.0",

{sanic_security-1.16.7 → sanic_security-1.16.9}/sanic_security/authorization.py

@@ -140,7 +140,7 @@ async def check_roles(request: Request, *required_roles: str) -> AuthenticationS
 async def assign_role(
     name: str,
     account: Account,
-    description: str,
+    description: str = None,
     *permissions: str,
 ) -> Role:
     """

{sanic_security-1.16.7 → sanic_security-1.16.9}/sanic_security/configuration.py

@@ -1,4 +1,5 @@
 from os import environ
+from types import SimpleNamespace
 
 from sanic.utils import str_to_bool
 
@@ -50,7 +51,7 @@ DEFAULT_CONFIG = {
 }
 
 
-class Config(dict):
+class Config(SimpleNamespace):
     """
     Sanic Security configuration.
 
@@ -102,30 +103,23 @@ class Config(dict):
     INITIAL_ADMIN_PASSWORD: str
     TEST_DATABASE_URL: str
 
-    def load_environment_variables(self, load_env="SANIC_SECURITY_") -> None:
-        """
-        Any environment variables defined with the prefix argument will be applied to the config.
+    def __init__(self, default_config: dict = None):
+        super().__init__(**(default_config or DEFAULT_CONFIG))
+        self.load_environment_variables()
 
-        Args:
-            load_env (str): Prefix being used to apply environment variables into the config.
-        """
+    def load_environment_variables(self, env_prefix: str = "SANIC_SECURITY_"):
         for key, value in environ.items():
-            if not key.startswith(load_env):
+            if not key.startswith(env_prefix):
                 continue
 
-            _, config_key = key.split(load_env, 1)
+            _, config_key = key.split(env_prefix, 1)
 
             for converter in (int, float, str_to_bool, str):
                 try:
-                    self[config_key] = converter(value)
+                    setattr(self, config_key, converter(value))
                     break
                 except ValueError:
                     pass
 
-    def __init__(self):
-        super().__init__(DEFAULT_CONFIG)
-        self.__dict__ = self
-        self.load_environment_variables()
-
 
-config = Config()
+config = Config(DEFAULT_CONFIG)

{sanic_security-1.16.7 → sanic_security-1.16.9}/sanic_security/oauth.py

@@ -149,7 +149,9 @@ async def oauth_revoke(request: Request, client: BaseOAuth2) -> dict:
             token_info = await oauth_decode(request, client, False)
             request.ctx.oauth["revoked"] = True
             with suppress(RevokeTokenNotSupportedError):
-                await client.revoke_token(token_info.get("access_token"), "access_token")
+                await client.revoke_token(
+                    token_info.get("access_token"), "access_token"
+                )
             return token_info
         except RevokeTokenError as e:
             raise OAuthError(f"Failed to revoke access token {e.response.text}")

{sanic_security-1.16.7 → sanic_security-1.16.9/sanic_security.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.4
 Name: sanic-security
-Version: 1.16.7
+Version: 1.16.9
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <me@na-stewart.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -29,15 +29,7 @@ Requires-Dist: pdoc3; extra == "dev"
 Requires-Dist: cryptography; extra == "dev"
 Provides-Extra: crypto
 Requires-Dist: cryptography>=3.3.1; extra == "crypto"
-
-<!-- PROJECT SHIELDS -->
-<!--
-*** I'm using markdown "reference style" links for readability.
-*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
-*** See the bottom of this document for the declaration of the reference variables
-*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
-*** https://www.markdownguide.org/basic-syntax/#reference-style-links
--->
+Dynamic: license-file
 
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
 [![Downloads](https://static.pepy.tech/badge/sanic-security)](https://pepy.tech/project/sanic-security)
@@ -79,7 +71,7 @@ Requires-Dist: cryptography>=3.3.1; extra == "crypto"
 ## About The Project
 
 Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) framework.
+[Sanic](https://github.com/huge-success/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -94,16 +86,16 @@ Visit [security.na-stewart.com](https://security.na-stewart.com) for documentati
 <!-- GETTING STARTED -->
 ## Getting Started
 
-In order to get started, please install [PyPI](https://pypi.org/).
+In order to get started, please install [PyPI](https://pypi.org/) (likely included with your Python build).
 
 ### Installation
 
-* Install the Sanic Security pip package.
+* Install the Sanic Security package.
 ```shell
 pip3 install sanic-security
 ````
 
-* Install the Sanic Security pip package with the `cryptography` dependency included.
+* Install the Sanic Security package with the [cryptography](https://github.com/pyca/cryptography) dependency included.
 
 If you're planning on encoding or decoding JWTs using certain digital signature algorithms (like RSA or ECDSA which use 
 the public secret and private secret), you will need to install the `cryptography` library. This can be installed explicitly, or 
@@ -113,7 +105,7 @@ as an extra requirement.
 pip3 install sanic-security[crypto]
 ````
 
-* Install the Sanic Security pip package with the `httpx-oauth` dependency included.
+* Install the Sanic Security package with the [httpx-oauth](https://github.com/frankie567/httpx-oauth) dependency included.
 
 If you're planning on utilizing OAuth, you will need to install the `httpx-oauth` library. This can be installed explicitly, or 
 as an extra requirement.
@@ -130,8 +122,7 @@ pip3 install sanic-security --upgrade
 
 ### Configuration
 
-Sanic Security configuration is merely an object that can be modified either using dot-notation or like a 
-dictionary.
+Sanic Security configuration is merely an object that can be modified either using dot-notation or like a dictionary.
 
 For example: 
 
@@ -139,7 +130,7 @@ For example:
 from sanic_security.configuration import config as security_config
 
 security_config.SECRET = "This is a big secret. Shhhhh"
-security_config["CAPTCHA_FONT"] = "./resources/captcha-font.ttf"
+security_config["CAPTCHA_FONT"] = "resources/captcha-font.ttf"
 ```
 
 You can also use the update() method like on regular dictionaries.
@@ -176,8 +167,7 @@ You can load environment variables with a different prefix via `security_config.
 
 ## Usage
 
-Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent
-along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
+Sanic Security's authentication and verification functionality is session based. A new session will be created for the user after the user logs in or requests some form of verification (two-step, captcha). The session data is then encoded into a JWT and stored on a cookie on the user’s browser. The session cookie is then sent along with every subsequent request. The server can then compare the session stored on the cookie against the session information stored in the database to verify user’s identity and send a response with the corresponding state.
 
 * Initialize Sanic Security as follows:
 ```python
@@ -267,7 +257,7 @@ async def on_oauth_token(request):
 
 ## Authentication
   
-* Registration (With two-step account verification)
+* Registration (with two-step account verification)
 
 Phone can be null or empty.
 
@@ -310,7 +300,7 @@ async def on_verify(request):
     )
 ```
 
-* Login (With two-factor authentication)
+* Login (with two-factor authentication)
 
 Credentials are retrieved via header are constructed by first combining the username and the password with a colon 
 (aladdin:opensesame), and then by encoding the resulting string in base64 (YWxhZGRpbjpvcGVuc2VzYW1l). 
@@ -399,7 +389,7 @@ async def on_authenticate(request):
     return response
 ```
 
-* Requires Authentication (This method is not called directly and instead used as a decorator)
+* Requires Authentication (this method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/auth")
@@ -450,7 +440,7 @@ async def on_captcha(request):
     return json("Captcha attempt successful!", captcha_session.json)
 ```
 
-* Requires CAPTCHA (This method is not called directly and instead used as a decorator)
+* Requires CAPTCHA (this method is not called directly and instead used as a decorator)
 
 | Key         | Value  |
 |-------------|--------|
@@ -511,7 +501,7 @@ async def on_two_step_verification(request):
     return response
 ```
 
-* Requires Two-step Verification (This method is not called directly and instead used as a decorator)
+* Requires Two-step Verification (this method is not called directly and instead used as a decorator)
 
 | Key      | Value  |
 |----------|--------|
@@ -564,7 +554,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (This method is not called directly and instead used as a decorator.)
+* Require Permissions (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")