square-authentication 2.0.0__py3-none-any.whl → 4.0.0__py3-none-any.whl

square_authentication/messages.py

@@ -8,9 +8,10 @@ messages = {
     "USERNAME_ALREADY_EXISTS": "the username you entered is already taken. please choose a different one.",
     "INCORRECT_ACCESS_TOKEN": "the access token provided is invalid or expired.",
     "INCORRECT_REFRESH_TOKEN": "the refresh token provided is invalid or expired.",
-    "GENERIC_READ_SUCCESSFUL": "data retrieved successfully.",
     "GENERIC_CREATION_SUCCESSFUL": "records created successfully.",
+    "GENERIC_READ_SUCCESSFUL": "data retrieved successfully.",
     "GENERIC_UPDATE_SUCCESSFUL": "your information has been updated successfully.",
+    "GENERIC_DELETE_SUCCESSFUL": "your records have been deleted successfully.",
     "GENERIC_400": "the request is invalid or cannot be processed.",
     "GENERIC_500": "an internal server error occurred. please try again later.",
 }

square_authentication/pydantic_models/core.py

@@ -0,0 +1,25 @@
+from typing import Optional
+
+from pydantic import BaseModel
+
+
+class RegisterUsernameV0(BaseModel):
+    username: str
+    password: str
+    app_id: Optional[int] = None
+
+
+class LoginUsernameV0(BaseModel):
+    username: str
+    password: str
+    app_id: int
+    assign_app_id_if_missing: bool = False
+
+
+class DeleteUserV0(BaseModel):
+    password: str
+
+
+class UpdatePasswordV0(BaseModel):
+    old_password: str
+    new_password: str

square_authentication/routes/core.py

@@ -1,11 +1,11 @@
 from datetime import datetime, timedelta, timezone
 from typing import Annotated, List
-from uuid import UUID
 
 import bcrypt
 import jwt
 from fastapi import APIRouter, status, Header, HTTPException
 from fastapi.responses import JSONResponse
+from requests import HTTPError
 from square_commons import get_api_output_in_standard_format
 from square_database.pydantic_models.pydantic_models import (
     FiltersV0,
@@ -36,6 +36,12 @@ from square_authentication.configuration import (
     config_str_square_database_protocol,
 )
 from square_authentication.messages import messages
+from square_authentication.pydantic_models.core import (
+    RegisterUsernameV0,
+    LoginUsernameV0,
+    DeleteUserV0,
+    UpdatePasswordV0,
+)
 from square_authentication.utils.token import get_jwt_payload
 
 router = APIRouter(
@@ -51,8 +57,17 @@ global_object_square_database_helper = SquareDatabaseHelper(
 
 @router.post("/register_username/v0")
 @global_object_square_logger.async_auto_logger
-async def register_username_v0(username: str, password: str):
+async def register_username_v0(
+    body: RegisterUsernameV0,
+):
+    username = body.username
+    password = body.password
+    app_id = body.app_id
+
     local_str_user_id = None
+    local_str_access_token = None
+    local_str_refresh_token = None
+
     username = username.lower()
     try:
         """
@@ -117,13 +132,77 @@ async def register_username_v0(username: str, password: str):
             schema_name=global_string_schema_name,
             table_name=UserCredential.__tablename__,
         )
+        if app_id is not None:
+            # assign app to user
+            global_object_square_database_helper.insert_rows_v0(
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserApp.__tablename__,
+                data=[
+                    {
+                        UserApp.user_id.name: local_str_user_id,
+                        UserApp.app_id.name: app_id,
+                    }
+                ],
+            )
+
+            # return new access token and refresh token
+            # create access token
+            local_dict_access_token_payload = {
+                "app_id": app_id,
+                "user_id": local_str_user_id,
+                "exp": datetime.now(timezone.utc)
+                + timedelta(minutes=config_int_access_token_valid_minutes),
+            }
+            local_str_access_token = jwt.encode(
+                local_dict_access_token_payload,
+                config_str_secret_key_for_access_token,
+            )
 
+            # create refresh token
+            local_object_refresh_token_expiry_time = datetime.now(
+                timezone.utc
+            ) + timedelta(minutes=config_int_refresh_token_valid_minutes)
+
+            local_dict_refresh_token_payload = {
+                "app_id": app_id,
+                "user_id": local_str_user_id,
+                "exp": local_object_refresh_token_expiry_time,
+            }
+            local_str_refresh_token = jwt.encode(
+                local_dict_refresh_token_payload,
+                config_str_secret_key_for_refresh_token,
+            )
+            # entry in user session table
+            global_object_square_database_helper.insert_rows_v0(
+                data=[
+                    {
+                        UserSession.user_id.name: local_str_user_id,
+                        UserSession.app_id.name: app_id,
+                        UserSession.user_session_refresh_token.name: local_str_refresh_token,
+                        UserSession.user_session_expiry_time.name: local_object_refresh_token_expiry_time.strftime(
+                            "%Y-%m-%d %H:%M:%S.%f+00"
+                        ),
+                    }
+                ],
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserSession.__tablename__,
+            )
         """
         return value
         """
         output_content = get_api_output_in_standard_format(
             message=messages["REGISTRATION_SUCCESSFUL"],
-            data={"main": {"user_id": local_str_user_id, "username": username}},
+            data={
+                "main": {
+                    "user_id": local_str_user_id,
+                    "username": username,
+                    "app_id": app_id,
+                    "access_token": local_str_access_token,
+                    "refresh_token": local_str_refresh_token,
+                },
+            },
         )
         return JSONResponse(
             status_code=status.HTTP_201_CREATED,
@@ -156,32 +235,29 @@ async def register_username_v0(username: str, password: str):
         )
 
 
-@router.get("/get_user_app_ids/v0")
+@router.get("/get_user_details/v0")
 @global_object_square_logger.async_auto_logger
-async def get_user_app_ids_v0(user_id: UUID):
+async def get_user_details_v0(
+    access_token: Annotated[str, Header()],
+):
     try:
-        local_string_user_id = str(user_id)
         """
         validation
         """
-
-        local_list_response_user = global_object_square_database_helper.get_rows_v0(
-            database_name=global_string_database_name,
-            schema_name=global_string_schema_name,
-            table_name=User.__tablename__,
-            filters=FiltersV0(
-                {User.user_id.name: FilterConditionsV0(eq=local_string_user_id)}
-            ),
-        )["data"]["main"]
-        if len(local_list_response_user) != 1:
+        # validate access token
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
             output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_USER_ID"],
-                log=f"invalid user_id: {local_string_user_id}",
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            raise HTTPException(
-                status_code=status.HTTP_404_NOT_FOUND,
-                detail=output_content,
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
             )
+        user_id = local_dict_access_token_payload["user_id"]
         """
         main process
         """
@@ -189,18 +265,61 @@ async def get_user_app_ids_v0(user_id: UUID):
             database_name=global_string_database_name,
             schema_name=global_string_schema_name,
             table_name=UserApp.__tablename__,
-            filters=FiltersV0(
-                {UserApp.user_id.name: FilterConditionsV0(eq=local_string_user_id)}
-            ),
+            filters=FiltersV0({UserApp.user_id.name: FilterConditionsV0(eq=user_id)}),
         )["data"]["main"]
+        local_list_response_user_credentials = (
+            global_object_square_database_helper.get_rows_v0(
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserCredential.__tablename__,
+                filters=FiltersV0(
+                    {UserCredential.user_id.name: FilterConditionsV0(eq=user_id)}
+                ),
+            )["data"]["main"]
+        )
+        local_list_response_user_sessions = (
+            global_object_square_database_helper.get_rows_v0(
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserSession.__tablename__,
+                filters=FiltersV0(
+                    {
+                        UserSession.user_id.name: FilterConditionsV0(eq=user_id),
+                        UserSession.user_session_expiry_time.name: FilterConditionsV0(
+                            gte=datetime.now(timezone.utc).isoformat()
+                        ),
+                    }
+                ),
+            )["data"]["main"]
+        )
         """
         return value
         """
+        return_this = {
+            "user_id": user_id,
+            "credentials": {
+                "username": local_list_response_user_credentials[0][
+                    UserCredential.user_credential_username.name
+                ],
+            },
+            "apps": [x[UserApp.app_id.name] for x in local_list_response_user_app],
+            "sessions": [
+                {
+                    "app_id": x[UserApp.app_id.name],
+                    "active_sessions": len(
+                        [
+                            y
+                            for y in local_list_response_user_sessions
+                            if y[UserSession.app_id.name] == x[UserApp.app_id.name]
+                        ]
+                    ),
+                }
+                for x in local_list_response_user_app
+            ],
+        }
         output_content = get_api_output_in_standard_format(
             message=messages["GENERIC_READ_SUCCESSFUL"],
-            data={
-                "main": [x[UserApp.app_id.name] for x in local_list_response_user_app]
-            },
+            data={"main": return_this},
         )
         return JSONResponse(
             status_code=status.HTTP_200_OK,
@@ -228,15 +347,29 @@ async def get_user_app_ids_v0(user_id: UUID):
 @router.patch("/update_user_app_ids/v0")
 @global_object_square_logger.async_auto_logger
 async def update_user_app_ids_v0(
-    user_id: UUID,
+    access_token: Annotated[str, Header()],
     app_ids_to_add: List[int],
     app_ids_to_remove: List[int],
 ):
     try:
-        local_string_user_id = str(user_id)
+
         """
         validation
         """
+        # validate access token
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
+            )
+        user_id = local_dict_access_token_payload["user_id"]
 
         app_ids_to_add = list(set(app_ids_to_add))
         app_ids_to_remove = list(set(app_ids_to_remove))
@@ -252,27 +385,6 @@ async def update_user_app_ids_v0(
                 status_code=status.HTTP_400_BAD_REQUEST,
                 detail=output_content,
             )
-        # validate access token
-        # TBD
-
-        # check if user id is in user table
-        local_list_response_user = global_object_square_database_helper.get_rows_v0(
-            database_name=global_string_database_name,
-            schema_name=global_string_schema_name,
-            table_name=User.__tablename__,
-            filters=FiltersV0(
-                {User.user_id.name: FilterConditionsV0(eq=local_string_user_id)}
-            ),
-        )["data"]["main"]
-        if len(local_list_response_user) != 1:
-            output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_USER_ID"],
-                log=f"invalid user_id: {local_string_user_id}",
-            )
-            raise HTTPException(
-                status_code=status.HTTP_404_NOT_FOUND,
-                detail=output_content,
-            )
 
         # check if all app_ids are valid
         local_list_all_app_ids = [*app_ids_to_add, *app_ids_to_remove]
@@ -305,13 +417,11 @@ async def update_user_app_ids_v0(
             database_name=global_string_database_name,
             schema_name=global_string_schema_name,
             table_name=UserApp.__tablename__,
-            filters=FiltersV0(
-                {UserApp.user_id.name: FilterConditionsV0(eq=local_string_user_id)}
-            ),
+            filters=FiltersV0({UserApp.user_id.name: FilterConditionsV0(eq=user_id)}),
         )["data"]["main"]
         local_list_new_app_ids = [
             {
-                UserApp.user_id.name: local_string_user_id,
+                UserApp.user_id.name: user_id,
                 UserApp.app_id.name: x,
             }
             for x in app_ids_to_add
@@ -333,22 +443,19 @@ async def update_user_app_ids_v0(
                 table_name=UserApp.__tablename__,
                 filters=FiltersV0(
                     {
-                        UserApp.user_id.name: FilterConditionsV0(
-                            eq=local_string_user_id
-                        ),
+                        UserApp.user_id.name: FilterConditionsV0(eq=user_id),
                         UserApp.app_id.name: FilterConditionsV0(eq=app_id),
                     }
                 ),
             )
+            # logout user from removed apps
             global_object_square_database_helper.delete_rows_v0(
                 database_name=global_string_database_name,
                 schema_name=global_string_schema_name,
                 table_name=UserSession.__tablename__,
                 filters=FiltersV0(
                     {
-                        UserSession.user_id.name: FilterConditionsV0(
-                            eq=local_string_user_id
-                        ),
+                        UserSession.user_id.name: FilterConditionsV0(eq=user_id),
                         UserSession.app_id.name: FilterConditionsV0(eq=app_id),
                     }
                 ),
@@ -362,9 +469,7 @@ async def update_user_app_ids_v0(
             database_name=global_string_database_name,
             schema_name=global_string_schema_name,
             table_name=UserApp.__tablename__,
-            filters=FiltersV0(
-                {UserApp.user_id.name: FilterConditionsV0(eq=local_string_user_id)}
-            ),
+            filters=FiltersV0({UserApp.user_id.name: FilterConditionsV0(eq=user_id)}),
         )["data"]["main"]
         output_content = get_api_output_in_standard_format(
             message=messages["GENERIC_UPDATE_SUCCESSFUL"],
@@ -395,9 +500,13 @@ async def update_user_app_ids_v0(
         )
 
 
-@router.get("/login_username/v0")
+@router.post("/login_username/v0")
 @global_object_square_logger.async_auto_logger
-async def login_username_v0(username: str, password: str, app_id: int):
+async def login_username_v0(body: LoginUsernameV0):
+    username = body.username
+    password = body.password
+    app_id = body.app_id
+    assign_app_id_if_missing = body.assign_app_id_if_missing
     username = username.lower()
     try:
         """
@@ -443,14 +552,36 @@ async def login_username_v0(username: str, password: str, app_id: int):
                 }
             ),
         )["data"]["main"]
-        if len(local_list_user_app_response) != 1:
-            output_content = get_api_output_in_standard_format(
-                message=messages["GENERIC_400"],
-                log=f"user_id {local_str_user_id}({username}) not assigned to app {app_id}.",
-            )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
-            )
+        if len(local_list_user_app_response) == 0:
+            if assign_app_id_if_missing:
+                try:
+                    global_object_square_database_helper.insert_rows_v0(
+                        database_name=global_string_database_name,
+                        schema_name=global_string_schema_name,
+                        table_name=UserApp.__tablename__,
+                        data=[
+                            {
+                                UserApp.user_id.name: local_str_user_id,
+                                UserApp.app_id.name: app_id,
+                            }
+                        ],
+                    )
+                except HTTPError as he:
+                    output_content = get_api_output_in_standard_format(
+                        message=messages["GENERIC_400"],
+                        log=str(he),
+                    )
+                    return JSONResponse(
+                        status_code=he.response.status_code, content=output_content
+                    )
+            else:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log=f"user_id {local_str_user_id}({username}) not assigned to app {app_id}.",
+                )
+                return JSONResponse(
+                    status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+                )
 
         # validate password
         if not (
@@ -554,54 +685,14 @@ async def login_username_v0(username: str, password: str, app_id: int):
 @router.get("/generate_access_token/v0")
 @global_object_square_logger.async_auto_logger
 async def generate_access_token_v0(
-    user_id: str, app_id: int, refresh_token: Annotated[str, Header()]
+    refresh_token: Annotated[str, Header()],
 ):
     try:
         """
         validation
         """
-        # validate user_id
-        local_list_user_response = global_object_square_database_helper.get_rows_v0(
-            database_name=global_string_database_name,
-            schema_name=global_string_schema_name,
-            table_name=User.__tablename__,
-            filters=FiltersV0({User.user_id.name: FilterConditionsV0(eq=user_id)}),
-        )["data"]["main"]
-
-        if len(local_list_user_response) != 1:
-            output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_USER_ID"],
-                log=f"incorrect user_id: {user_id}.",
-            )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
-            )
-        # validate if app_id is assigned to user
-        # this will also validate if app_id is valid
-        local_dict_user = local_list_user_response[0]
-        local_str_user_id = local_dict_user[User.user_id.name]
-        local_list_user_app_response = global_object_square_database_helper.get_rows_v0(
-            database_name=global_string_database_name,
-            schema_name=global_string_schema_name,
-            table_name=UserApp.__tablename__,
-            filters=FiltersV0(
-                {
-                    UserApp.user_id.name: FilterConditionsV0(eq=local_str_user_id),
-                    UserApp.app_id.name: FilterConditionsV0(eq=app_id),
-                }
-            ),
-        )["data"]["main"]
-        if len(local_list_user_app_response) != 1:
-            output_content = get_api_output_in_standard_format(
-                message=messages["GENERIC_400"],
-                log=f"user_id {local_str_user_id} not assigned to app {app_id}.",
-            )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
-            )
         # validate refresh token
-        # validating if a session refresh token exists in the database for provided app id.
+        # validating if a session refresh token exists in the database.
         local_list_user_session_response = (
             global_object_square_database_helper.get_rows_v0(
                 database_name=global_string_database_name,
@@ -609,11 +700,9 @@ async def generate_access_token_v0(
                 table_name=UserSession.__tablename__,
                 filters=FiltersV0(
                     {
-                        UserSession.user_id.name: FilterConditionsV0(eq=user_id),
                         UserSession.user_session_refresh_token.name: FilterConditionsV0(
                             eq=refresh_token
                         ),
-                        UserSession.app_id.name: FilterConditionsV0(eq=app_id),
                     }
                 ),
             )["data"]["main"]
@@ -622,7 +711,7 @@ async def generate_access_token_v0(
         if len(local_list_user_session_response) != 1:
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_REFRESH_TOKEN"],
-                log=f"incorrect refresh token: {refresh_token} for user_id: {user_id} for app_id: {app_id}.",
+                log=f"incorrect refresh token: {refresh_token}.",
             )
             return JSONResponse(
                 status_code=status.HTTP_400_BAD_REQUEST,
@@ -641,32 +730,13 @@ async def generate_access_token_v0(
                 status_code=status.HTTP_400_BAD_REQUEST,
                 content=output_content,
             )
-
-        if local_dict_refresh_token_payload["user_id"] != user_id:
-            output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_REFRESH_TOKEN"],
-                log=f"refresh token and user_id mismatch.",
-            )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
-            )
-        if local_dict_refresh_token_payload["app_id"] != app_id:
-            output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_REFRESH_TOKEN"],
-                log=f"refresh token and app_id mismatch.",
-            )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
-            )
         """
         main process
         """
         # create and send access token
         local_dict_access_token_payload = {
-            "app_id": app_id,
-            "user_id": user_id,
+            "app_id": local_dict_refresh_token_payload["app_id"],
+            "user_id": local_dict_refresh_token_payload["user_id"],
             "exp": datetime.now(timezone.utc)
             + timedelta(minutes=config_int_access_token_valid_minutes),
         }
@@ -705,15 +775,121 @@ async def generate_access_token_v0(
 @router.delete("/logout/v0")
 @global_object_square_logger.async_auto_logger
 async def logout_v0(
-    user_id: str,
-    app_id: int,
-    access_token: Annotated[str, Header()],
     refresh_token: Annotated[str, Header()],
 ):
     try:
         """
         validation
         """
+        # validate refresh token
+        # validating if a session refresh token exists in the database.
+        local_list_user_session_response = (
+            global_object_square_database_helper.get_rows_v0(
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserSession.__tablename__,
+                filters=FiltersV0(
+                    {
+                        UserSession.user_session_refresh_token.name: FilterConditionsV0(
+                            eq=refresh_token
+                        ),
+                    }
+                ),
+            )["data"]["main"]
+        )
+
+        if len(local_list_user_session_response) != 1:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_REFRESH_TOKEN"],
+                log=f"incorrect refresh token: {refresh_token}.",
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
+            )
+        # validating if the refresh token is valid, active and of the same user.
+        try:
+            local_dict_refresh_token_payload = get_jwt_payload(
+                refresh_token, config_str_secret_key_for_refresh_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_REFRESH_TOKEN"],
+                log=str(error),
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
+            )
+        # ======================================================================================
+        # NOTE: if refresh token has expired no need to delete it during this call
+        # ======================================================================================
+        """
+        main process
+        """
+        # delete session for user
+        global_object_square_database_helper.delete_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserSession.__tablename__,
+            filters=FiltersV0(
+                {
+                    UserSession.user_session_refresh_token.name: FilterConditionsV0(
+                        eq=refresh_token
+                    ),
+                }
+            ),
+        )
+        """
+        return value
+        """
+        output_content = get_api_output_in_standard_format(
+            message=messages["LOGOUT_SUCCESSFUL"],
+        )
+        return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+    except HTTPException as http_exception:
+        return JSONResponse(
+            status_code=http_exception.status_code, content=http_exception.detail
+        )
+    except Exception as e:
+        """
+        rollback logic
+        """
+        global_object_square_logger.logger.error(e, exc_info=True)
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_500"],
+            log=str(e),
+        )
+        return JSONResponse(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, content=output_content
+        )
+
+
+@router.patch("/update_username/v0")
+@global_object_square_logger.async_auto_logger
+async def update_username_v0(
+    new_username: str,
+    access_token: Annotated[str, Header()],
+):
+    try:
+        """
+        validation
+        """
+        # validate access token
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
+            )
+        user_id = local_dict_access_token_payload["user_id"]
+
         # validate user_id
         local_list_user_response = global_object_square_database_helper.get_rows_v0(
             database_name=global_string_database_name,
@@ -736,62 +912,192 @@ async def logout_v0(
                 content=output_content,
             )
 
-        # validate if app_id is assigned to user
-        # this will also validate if app_id is valid
-        local_dict_user = local_list_user_response[0]
-        local_str_user_id = local_dict_user[User.user_id.name]
-        local_list_user_app_response = global_object_square_database_helper.get_rows_v0(
+        # validate new username
+        local_list_user_credentials_response = global_object_square_database_helper.get_rows_v0(
             database_name=global_string_database_name,
             schema_name=global_string_schema_name,
-            table_name=UserApp.__tablename__,
+            table_name=UserCredential.__tablename__,
             filters=FiltersV0(
                 {
-                    UserApp.user_id.name: FilterConditionsV0(eq=local_str_user_id),
-                    UserApp.app_id.name: FilterConditionsV0(eq=app_id),
+                    UserCredential.user_credential_username.name: FilterConditionsV0(
+                        eq=new_username
+                    ),
                 }
             ),
-        )["data"]["main"]
-        if len(local_list_user_app_response) != 1:
+        )[
+            "data"
+        ][
+            "main"
+        ]
+        if len(local_list_user_credentials_response) != 0:
             output_content = get_api_output_in_standard_format(
-                message=messages["GENERIC_400"],
-                log=f"user_id {local_str_user_id} not assigned to app {app_id}.",
+                message=messages["USERNAME_ALREADY_EXISTS"],
+                log=f"{new_username} is taken.",
             )
             return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+                status_code=status.HTTP_409_CONFLICT,
+                content=output_content,
             )
+        """
+        main process
+        """
+        # edit the username
+        global_object_square_database_helper.edit_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserCredential.__tablename__,
+            filters=FiltersV0(
+                {
+                    UserCredential.user_id.name: FilterConditionsV0(eq=user_id),
+                }
+            ),
+            data={
+                UserCredential.user_credential_username.name: new_username,
+            },
+        )
+        """
+        return value
+        """
+        output_content = get_api_output_in_standard_format(
+            data={"main": {"user_id": user_id, "username": new_username}},
+            message=messages["GENERIC_UPDATE_SUCCESSFUL"],
+        )
+        return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+    except HTTPException as http_exception:
+        return JSONResponse(
+            status_code=http_exception.status_code, content=http_exception.detail
+        )
+    except Exception as e:
+        """
+        rollback logic
+        """
+        global_object_square_logger.logger.error(e, exc_info=True)
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_500"],
+            log=str(e),
+        )
+        return JSONResponse(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, content=output_content
+        )
 
-        # validate refresh token
-        # validating if a session refresh token exists in the database.
-        local_list_user_session_response = (
+
+@router.delete("/delete_user/v0")
+@global_object_square_logger.async_auto_logger
+async def delete_user_v0(
+    body: DeleteUserV0,
+    access_token: Annotated[str, Header()],
+):
+    password = body.password
+    try:
+        """
+        validation
+        """
+        # validate access token
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                content=output_content,
+            )
+        user_id = local_dict_access_token_payload["user_id"]
+
+        # validate user_id
+        local_list_authentication_user_response = (
             global_object_square_database_helper.get_rows_v0(
                 database_name=global_string_database_name,
                 schema_name=global_string_schema_name,
-                table_name=UserSession.__tablename__,
+                table_name=UserCredential.__tablename__,
                 filters=FiltersV0(
-                    {
-                        UserSession.user_id.name: FilterConditionsV0(eq=user_id),
-                        UserSession.user_session_refresh_token.name: FilterConditionsV0(
-                            eq=refresh_token
-                        ),
-                        UserSession.app_id.name: FilterConditionsV0(eq=app_id),
-                    }
+                    {UserCredential.user_id.name: FilterConditionsV0(eq=user_id)}
                 ),
             )["data"]["main"]
         )
+        if len(local_list_authentication_user_response) != 1:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_USER_ID"],
+                log=f"incorrect user_id: {user_id}.",
+            )
+            return JSONResponse(
+                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+            )
 
-        if len(local_list_user_session_response) != 1:
+        # validate password
+        local_dict_user = local_list_authentication_user_response[0]
+        if not (
+            bcrypt.checkpw(
+                password.encode("utf-8"),
+                local_dict_user[
+                    UserCredential.user_credential_hashed_password.name
+                ].encode("utf-8"),
+            )
+        ):
             output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_REFRESH_TOKEN"],
-                log=f"incorrect refresh token: {refresh_token} for user_id: {user_id} for app_id: {app_id}.",
+                message=messages["INCORRECT_PASSWORD"],
+                log=f"incorrect password for user_id {user_id}.",
             )
             return JSONResponse(
                 status_code=status.HTTP_400_BAD_REQUEST,
                 content=output_content,
             )
-        # **not validating if the refresh token is valid, active, of the same user and of the provided app id.**
+        """
+        main process
+        """
+        # delete the user.
+        global_object_square_database_helper.delete_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=User.__tablename__,
+            filters=FiltersV0(
+                {
+                    User.user_id.name: FilterConditionsV0(eq=user_id),
+                }
+            ),
+        )
+        """
+        return value
+        """
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_DELETE_SUCCESSFUL"],
+            log=f"user_id: {user_id} deleted successfully.",
+        )
+        return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+    except HTTPException as http_exception:
+        return JSONResponse(
+            status_code=http_exception.status_code, content=http_exception.detail
+        )
+    except Exception as e:
+        """
+        rollback logic
+        """
+        global_object_square_logger.logger.error(e, exc_info=True)
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_500"],
+            log=str(e),
+        )
+        return JSONResponse(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, content=output_content
+        )
+
 
+@router.patch("/update_password/v0")
+@global_object_square_logger.async_auto_logger
+async def update_password_v0(
+    body: UpdatePasswordV0,
+    access_token: Annotated[str, Header()],
+):
+    old_password = body.old_password
+    new_password = body.new_password
+    try:
+        """
+        validation
+        """
         # validate access token
-        # validating if the access token is valid, active, of the same user and of the provided app.
         try:
             local_dict_access_token_payload = get_jwt_payload(
                 access_token, config_str_secret_key_for_access_token
@@ -804,53 +1110,72 @@ async def logout_v0(
                 status_code=status.HTTP_400_BAD_REQUEST,
                 content=output_content,
             )
-        if local_dict_access_token_payload["user_id"] != user_id:
+        user_id = local_dict_access_token_payload["user_id"]
+
+        # validate user_id
+        local_list_authentication_user_response = (
+            global_object_square_database_helper.get_rows_v0(
+                database_name=global_string_database_name,
+                schema_name=global_string_schema_name,
+                table_name=UserCredential.__tablename__,
+                filters=FiltersV0(
+                    {UserCredential.user_id.name: FilterConditionsV0(eq=user_id)}
+                ),
+            )["data"]["main"]
+        )
+        if len(local_list_authentication_user_response) != 1:
             output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_ACCESS_TOKEN"],
-                log=f"access token and user_id mismatch.",
+                message=messages["INCORRECT_USER_ID"],
+                log=f"incorrect user_id: {user_id}.",
             )
             return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
             )
-        if local_dict_access_token_payload["app_id"] != app_id:
+
+        # validate password
+        local_dict_user = local_list_authentication_user_response[0]
+        if not (
+            bcrypt.checkpw(
+                old_password.encode("utf-8"),
+                local_dict_user[
+                    UserCredential.user_credential_hashed_password.name
+                ].encode("utf-8"),
+            )
+        ):
             output_content = get_api_output_in_standard_format(
-                message=messages["INCORRECT_ACCESS_TOKEN"],
-                log=f"access token and app_id mismatch.",
+                message=messages["INCORRECT_PASSWORD"],
+                log=f"incorrect password for user_id {user_id}.",
             )
             return JSONResponse(
                 status_code=status.HTTP_400_BAD_REQUEST,
                 content=output_content,
             )
-        # ======================================================================================
-
-        # NOTE: if both access token and refresh token have expired for a user,
-        # it can be assumed that user session only needs to be removed from the front end.
-
-        # ======================================================================================
         """
         main process
         """
-        # delete session for user
-        global_object_square_database_helper.delete_rows_v0(
+        # delete the user.
+        local_str_hashed_password = bcrypt.hashpw(
+            new_password.encode("utf-8"), bcrypt.gensalt()
+        ).decode("utf-8")
+        global_object_square_database_helper.edit_rows_v0(
             database_name=global_string_database_name,
             schema_name=global_string_schema_name,
-            table_name=UserSession.__tablename__,
+            table_name=UserCredential.__tablename__,
             filters=FiltersV0(
                 {
-                    UserSession.user_id.name: FilterConditionsV0(eq=user_id),
-                    UserSession.user_session_refresh_token.name: FilterConditionsV0(
-                        eq=refresh_token
-                    ),
-                    UserSession.app_id.name: FilterConditionsV0(eq=app_id),
+                    UserCredential.user_id.name: FilterConditionsV0(eq=user_id),
                 }
             ),
+            data={
+                UserCredential.user_credential_hashed_password.name: local_str_hashed_password,
+            },
         )
         """
         return value
         """
         output_content = get_api_output_in_standard_format(
-            message=messages["LOGOUT_SUCCESSFUL"],
+            message=messages["GENERIC_UPDATE_SUCCESSFUL"],
+            log=f"password for user_id: {user_id} updated successfully.",
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:

{square_authentication-2.0.0.dist-info → square_authentication-4.0.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: square-authentication
-Version: 2.0.0
+Version: 4.0.0
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -43,6 +43,25 @@ pip install square_authentication
 
 ## changelog
 
+### v4.0.0
+
+- /login_username/v0 is now POST method.
+- new flag in /login_username/v0 assign_app_id_if_missing.
+- bugfix: /get_user_details/v0 now only returns number of active sessions.
+
+### v3.0.0
+
+- added new endpoints
+    - /update_username/v0
+    - /delete_user/v0
+    - /update_password/v0
+- move data in password related endpoints to request body from params.
+- /register_username/v0 now takes in app_id as optional parameter to assign user to that app and create session for it.
+- /generate_access_token/v0 now only needs refresh token (removed validation).
+- /logout/v0 now only needs refresh token (removed validation).
+- /update_user_app_ids/v0 now only updates ids for self (user). added access token as input param and removed user_id.
+- /get_user_app_ids/v0 is now /get_user_details/v0 with access token as the only input param.
+
 ### v2.0.0
 
 - authentication module needs to be used across applications so

{square_authentication-2.0.0.dist-info → square_authentication-4.0.0.dist-info}/RECORD

@@ -1,15 +1,17 @@
 square_authentication/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 square_authentication/configuration.py,sha256=i0uNtNSQd-n1rBxFM6jsIz1Wy3d090RcdTViSqHKc7Y,2973
 square_authentication/main.py,sha256=JK9KBmN73KL8EpKrXrjrwwf37bmC4AXrFHtfl2roYwQ,1636
-square_authentication/messages.py,sha256=NHJLnaB-qj69VJrMkmbMXDHJUnakQLht14ZBrw4dGgg,1094
+square_authentication/messages.py,sha256=BA9KC0vW9UD1ZXT4VneVqVNLlgdbMdsAwAgxhJISLf4,1175
 square_authentication/data/config.ini,sha256=_740RvKpL5W2bUDGwZ7ePwuP-mAasr5cXXB81yq_Jv8,906
+square_authentication/pydantic_models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+square_authentication/pydantic_models/core.py,sha256=Hwzr-YJH6GVGLp4Z29iHItOEhiEvk65MjsttmCaDTe4,431
 square_authentication/routes/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-square_authentication/routes/core.py,sha256=gwfNQcMvT5DdbZQBotLPwy1Actr7SBSgrimfHfMviYs,33617
+square_authentication/routes/core.py,sha256=o9FeIGMdQbkBLZ0d9GdyEOJJkRMBsYRyUKOO9l5vWgA,44551
 square_authentication/routes/utility.py,sha256=Kx4S4tZ1GKsPoC8CoZ4fkLEebvr02KeFEPePtTHtpnQ,75
 square_authentication/utils/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 square_authentication/utils/encryption.py,sha256=T6BShoUr_xeGpbfPgTK-GxTlXPwcjwU4c4KW7KPzrF8,1865
 square_authentication/utils/token.py,sha256=Y_arg5LegX-aprMj9YweUK8jjNZLGDjLUGgxbUA12w4,560
-square_authentication-2.0.0.dist-info/METADATA,sha256=BrxsipcwD1dQNTUeM7pXXtAOZMPXBO1i4n7tRRbXx7s,1966
-square_authentication-2.0.0.dist-info/WHEEL,sha256=eOLhNAGa2EW3wWl_TU484h7q1UNgy0JXjjoqKoxAAQc,92
-square_authentication-2.0.0.dist-info/top_level.txt,sha256=wDssVJIl9KIEJPj5rR3rv4uRI7yCndMBrvHd_6BGXQA,22
-square_authentication-2.0.0.dist-info/RECORD,,
+square_authentication-4.0.0.dist-info/METADATA,sha256=spjL_EnrXbwC-em5JgyrzlCq0HD0QHDzXEagx9DzLHM,2810
+square_authentication-4.0.0.dist-info/WHEEL,sha256=bFJAMchF8aTQGUgMZzHJyDDMPTO3ToJ7x23SLJa1SVo,92
+square_authentication-4.0.0.dist-info/top_level.txt,sha256=wDssVJIl9KIEJPj5rR3rv4uRI7yCndMBrvHd_6BGXQA,22
+square_authentication-4.0.0.dist-info/RECORD,,

{square_authentication-2.0.0.dist-info → square_authentication-4.0.0.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.44.0)
+Generator: bdist_wheel (0.45.0)
 Root-Is-Purelib: true
 Tag: py3-none-any