sanic-security 1.17.0__tar.gz → 1.17.2__tar.gz

{sanic_security-1.17.0/sanic_security.egg-info → sanic_security-1.17.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sanic-security
-Version: 1.17.0
+Version: 1.17.2
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <me@na-stewart.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -70,8 +70,8 @@ Dynamic: license-file
 <!-- ABOUT THE PROJECT -->
 ## About The Project
 
-Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) web app framework.
+Sanic Security is a suite of authentication, authorization, and verification tools designed for use with the 
+[Sanic](https://github.com/sanic-org/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -268,7 +268,7 @@ Phone can be null or empty.
 @app.post("api/security/register")
 async def on_register(request):
     account = await register(request)
-    two_step_session = await request_two_step_verification(request, account, "2fa")
+    two_step_session = await request_two_step_verification(request, account)
     await email_code(
         account.email, two_step_session.code  # Code = 24KF19
     )  # Custom method for emailing verification code.
@@ -309,7 +309,7 @@ You can use a username as well as an email for login if `ALLOW_LOGIN_WITH_USERNA
 async def on_login(request):
     authentication_session = await login(request, require_second_factor=True)
     two_step_session = await request_two_step_verification(
-        request, authentication_session.bearer
+        request, authentication_session.bearer, "2fa"
     )
     await email_code(
         authentication_session.bearer.email, two_step_session.code  # Code = XGED2U
@@ -463,7 +463,7 @@ Two-step verification should be integrated with other custom functionalities, su
 ```python
 @app.post("api/security/two-step/request")
 async def on_two_step_request(request):
-    two_step_session = await request_two_step_verification(request)  # Code = T2I58I
+    two_step_session = await request_two_step_verification(request, tag="forgot-pass")  # Code = T2I58I
     await email_code(
         two_step_session.bearer.email, two_step_session.code
     )  # Custom method for emailing verification code.
@@ -493,7 +493,7 @@ async def on_two_step_resend(request):
 ```python
 @app.post("api/security/two-step")
 async def on_two_step_verification(request):
-    two_step_session = await two_step_verification(request)
+    two_step_session = await two_step_verification(request, "forgot-pass")
     response = json("Two-step verification attempt successful!", two_step_session.json)
     return response
 ```
@@ -506,7 +506,7 @@ async def on_two_step_verification(request):
 
 ```python
 @app.post("api/security/two-step")
-@requires_two_step_verification
+@requires_two_step_verification("forgot-pass")
 async def on_two_step_verification(request):
     response = json(
         "Two-step verification attempt successful!", request.ctx.session.json
@@ -551,7 +551,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (this method is not called directly and instead used as a decorator.)
+* Requires Permission (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")
@@ -569,7 +569,7 @@ async def on_check_roles(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Roles (This method is not called directly and instead used as a decorator)
+* Requires Role (This method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/roles")

{sanic_security-1.17.0 → sanic_security-1.17.2}/README.md

@@ -37,8 +37,8 @@
 <!-- ABOUT THE PROJECT -->
 ## About The Project
 
-Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) web app framework.
+Sanic Security is a suite of authentication, authorization, and verification tools designed for use with the 
+[Sanic](https://github.com/sanic-org/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -235,7 +235,7 @@ Phone can be null or empty.
 @app.post("api/security/register")
 async def on_register(request):
     account = await register(request)
-    two_step_session = await request_two_step_verification(request, account, "2fa")
+    two_step_session = await request_two_step_verification(request, account)
     await email_code(
         account.email, two_step_session.code  # Code = 24KF19
     )  # Custom method for emailing verification code.
@@ -276,7 +276,7 @@ You can use a username as well as an email for login if `ALLOW_LOGIN_WITH_USERNA
 async def on_login(request):
     authentication_session = await login(request, require_second_factor=True)
     two_step_session = await request_two_step_verification(
-        request, authentication_session.bearer
+        request, authentication_session.bearer, "2fa"
     )
     await email_code(
         authentication_session.bearer.email, two_step_session.code  # Code = XGED2U
@@ -430,7 +430,7 @@ Two-step verification should be integrated with other custom functionalities, su
 ```python
 @app.post("api/security/two-step/request")
 async def on_two_step_request(request):
-    two_step_session = await request_two_step_verification(request)  # Code = T2I58I
+    two_step_session = await request_two_step_verification(request, tag="forgot-pass")  # Code = T2I58I
     await email_code(
         two_step_session.bearer.email, two_step_session.code
     )  # Custom method for emailing verification code.
@@ -460,7 +460,7 @@ async def on_two_step_resend(request):
 ```python
 @app.post("api/security/two-step")
 async def on_two_step_verification(request):
-    two_step_session = await two_step_verification(request)
+    two_step_session = await two_step_verification(request, "forgot-pass")
     response = json("Two-step verification attempt successful!", two_step_session.json)
     return response
 ```
@@ -473,7 +473,7 @@ async def on_two_step_verification(request):
 
 ```python
 @app.post("api/security/two-step")
-@requires_two_step_verification
+@requires_two_step_verification("forgot-pass")
 async def on_two_step_verification(request):
     response = json(
         "Two-step verification attempt successful!", request.ctx.session.json
@@ -518,7 +518,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (this method is not called directly and instead used as a decorator.)
+* Requires Permission (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")
@@ -536,7 +536,7 @@ async def on_check_roles(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Roles (This method is not called directly and instead used as a decorator)
+* Requires Role (This method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/roles")

{sanic_security-1.17.0 → sanic_security-1.17.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "sanic-security"
-version = "1.17.0"
+version = "1.17.2"
 requires-python = ">=3.8"
 dependencies = [
     "tortoise-orm>=0.17.0",

{sanic_security-1.17.0 → sanic_security-1.17.2}/sanic_security/authentication.py

@@ -185,7 +185,7 @@ async def fulfill_second_factor(request: Request) -> AuthenticationSession:
     authentication_session = await AuthenticationSession.decode(request)
     if not authentication_session.requires_second_factor:
         raise DeactivatedError("Session second factor requirement already met.", 403)
-    two_step_session = await TwoStepSession.decode(request)
+    two_step_session = await TwoStepSession.decode(request, tag="2fa")
     two_step_session.validate()
     await two_step_session.check_code(request.form.get("code"))
     authentication_session.requires_second_factor = False
@@ -368,12 +368,12 @@ def initialize_security(app: Sanic, create_root: bool = True) -> None:
             await account.roles.add(role)
             logger.info("Initial admin account created.")
 
-        @app.on_response
-        async def session_middleware(request, response):
-            if hasattr(request.ctx, "session"):
-                if getattr(request.ctx.session, "is_refresh", False):
-                    request.ctx.session.encode(response)
-                elif not request.ctx.session.active:
-                    response.delete_cookie(
-                        f"{config.SESSION_PREFIX}_{request.ctx.session.__class__.__name__[:7].lower()}"
-                    )
+    @app.on_response
+    async def session_middleware(request, response):
+        if hasattr(request.ctx, "session"):
+            if getattr(request.ctx.session, "is_refresh", False):
+                request.ctx.session.encode(response)
+            elif not request.ctx.session.active:
+                response.delete_cookie(
+                    f"{config.SESSION_PREFIX}_{request.ctx.session.__class__.__name__[:7].lower()}"
+                )

{sanic_security-1.17.0 → sanic_security-1.17.2}/sanic_security/test/server.py

@@ -101,7 +101,7 @@ async def on_login(request):
     )
     if str_to_bool(request.args.get("two-factor-authentication")):
         two_step_session = await request_two_step_verification(
-            request, authentication_session.bearer
+            request, authentication_session.bearer, "2fa"
         )
         response = json(
             "Login successful! Two-factor authentication required.",
@@ -218,14 +218,14 @@ async def on_captcha_attempt(request):
 @app.post("api/test/two-step/request")
 async def on_request_verification(request):
     """Request two-step verification with code in the response."""
-    two_step_session = await request_two_step_verification(request)
+    two_step_session = await request_two_step_verification(request, tag="forgot-pass")
     response = json("Verification request successful!", two_step_session.code)
     two_step_session.encode(response)
     return response
 
 
 @app.post("api/test/two-step")
-@requires_two_step_verification
+@requires_two_step_verification("forgot-pass")
 async def on_verification_attempt(request):
     """Attempt two-step verification challenge."""
     return json("Two step verification attempt successful!", request.ctx.session.json)

{sanic_security-1.17.0 → sanic_security-1.17.2}/sanic_security/verification.py

@@ -135,12 +135,15 @@ def requires_two_step_verification(func=None, *, tag="2sv"):
         ChallengeError
         MaxedOutChallengeError
     """
+    if isinstance(func, str):
+        tag = func
+        func = None
 
-    def decorator(func):
-        @functools.wraps(func)
+    def decorator(inner_func):
+        @functools.wraps(inner_func)
         async def wrapper(request, *args, **kwargs):
             await two_step_verification(request, tag)
-            return await func(request, *args, **kwargs)
+            return await inner_func(request, *args, **kwargs)
 
         return wrapper
 

{sanic_security-1.17.0 → sanic_security-1.17.2/sanic_security.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sanic-security
-Version: 1.17.0
+Version: 1.17.2
 Summary: An async security library for the Sanic framework.
 Author-email: Aidan Stewart <me@na-stewart.com>
 Project-URL: Documentation, https://security.na-stewart.com/
@@ -70,8 +70,8 @@ Dynamic: license-file
 <!-- ABOUT THE PROJECT -->
 ## About The Project
 
-Sanic Security is an authentication, authorization, and verification library designed for use with the 
-[Sanic](https://github.com/huge-success/sanic) web app framework.
+Sanic Security is a suite of authentication, authorization, and verification tools designed for use with the 
+[Sanic](https://github.com/sanic-org/sanic) web app framework.
 
 * OAuth2 integration
 * Login, registration, and authentication with refresh mechanisms
@@ -268,7 +268,7 @@ Phone can be null or empty.
 @app.post("api/security/register")
 async def on_register(request):
     account = await register(request)
-    two_step_session = await request_two_step_verification(request, account, "2fa")
+    two_step_session = await request_two_step_verification(request, account)
     await email_code(
         account.email, two_step_session.code  # Code = 24KF19
     )  # Custom method for emailing verification code.
@@ -309,7 +309,7 @@ You can use a username as well as an email for login if `ALLOW_LOGIN_WITH_USERNA
 async def on_login(request):
     authentication_session = await login(request, require_second_factor=True)
     two_step_session = await request_two_step_verification(
-        request, authentication_session.bearer
+        request, authentication_session.bearer, "2fa"
     )
     await email_code(
         authentication_session.bearer.email, two_step_session.code  # Code = XGED2U
@@ -463,7 +463,7 @@ Two-step verification should be integrated with other custom functionalities, su
 ```python
 @app.post("api/security/two-step/request")
 async def on_two_step_request(request):
-    two_step_session = await request_two_step_verification(request)  # Code = T2I58I
+    two_step_session = await request_two_step_verification(request, tag="forgot-pass")  # Code = T2I58I
     await email_code(
         two_step_session.bearer.email, two_step_session.code
     )  # Custom method for emailing verification code.
@@ -493,7 +493,7 @@ async def on_two_step_resend(request):
 ```python
 @app.post("api/security/two-step")
 async def on_two_step_verification(request):
-    two_step_session = await two_step_verification(request)
+    two_step_session = await two_step_verification(request, "forgot-pass")
     response = json("Two-step verification attempt successful!", two_step_session.json)
     return response
 ```
@@ -506,7 +506,7 @@ async def on_two_step_verification(request):
 
 ```python
 @app.post("api/security/two-step")
-@requires_two_step_verification
+@requires_two_step_verification("forgot-pass")
 async def on_two_step_verification(request):
     response = json(
         "Two-step verification attempt successful!", request.ctx.session.json
@@ -551,7 +551,7 @@ async def on_check_perms(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Permissions (this method is not called directly and instead used as a decorator.)
+* Requires Permission (this method is not called directly and instead used as a decorator.)
 
 ```python
 @app.post("api/security/perms")
@@ -569,7 +569,7 @@ async def on_check_roles(request):
     return json("Account is authorized.", authentication_session.json)
 ```
 
-* Require Roles (This method is not called directly and instead used as a decorator)
+* Requires Role (This method is not called directly and instead used as a decorator)
 
 ```python
 @app.post("api/security/roles")