square-authentication 5.0.1__tar.gz → 5.1.1__tar.gz

{square_authentication-5.0.1 → square_authentication-5.1.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: square_authentication
-Version: 5.0.1
+Version: 5.1.1
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -32,6 +32,17 @@ pip install square_authentication
 
 ## changelog
 
+### v5.1.1
+
+- add logger decorator in all functions.
+- add error logs in all endpoints.
+
+### v5.1.0
+
+- Core
+    - add logout/apps/v0.
+    - add logout/all/v0.
+
 ### v5.0.1
 
 - fix typo in return value of get_user_details_v0.
@@ -116,3 +127,4 @@ pip install square_authentication
 
 ## Feedback is appreciated. Thank you!
 
+

{square_authentication-5.0.1 → square_authentication-5.1.1}/README.md

@@ -16,6 +16,17 @@ pip install square_authentication
 
 ## changelog
 
+### v5.1.1
+
+- add logger decorator in all functions.
+- add error logs in all endpoints.
+
+### v5.1.0
+
+- Core
+    - add logout/apps/v0.
+    - add logout/all/v0.
+
 ### v5.0.1
 
 - fix typo in return value of get_user_details_v0.
@@ -98,4 +109,4 @@ pip install square_authentication
 
 - initial implementation.
 
-## Feedback is appreciated. Thank you!
+## Feedback is appreciated. Thank you!

{square_authentication-5.0.1 → square_authentication-5.1.1}/setup.py

@@ -4,7 +4,7 @@ package_name = "square_authentication"
 
 setup(
     name=package_name,
-    version="5.0.1",
+    version="5.1.1",
     packages=find_packages(),
     package_data={
         package_name: ["data/*"],

{square_authentication-5.0.1 → square_authentication-5.1.1}/square_authentication/pydantic_models/core.py

@@ -1,5 +1,5 @@
 from enum import Enum
-from typing import Optional
+from typing import Optional, List
 
 from pydantic import BaseModel
 
@@ -29,3 +29,7 @@ class UpdatePasswordV0(BaseModel):
 class TokenType(Enum):
     access_token = "access_token"
     refresh_token = "refresh_token"
+
+
+class LogoutAppsV0(BaseModel):
+    app_ids: List[int]

{square_authentication-5.0.1 → square_authentication-5.1.1}/square_authentication/routes/core.py

@@ -3,23 +3,20 @@ from typing import Annotated, List
 
 import bcrypt
 import jwt
-from fastapi import APIRouter, status, Header, HTTPException
+from fastapi import APIRouter, Header, HTTPException, status
 from fastapi.params import Query
 from fastapi.responses import JSONResponse
 from requests import HTTPError
 from square_commons import get_api_output_in_standard_format
 from square_database_helper.main import SquareDatabaseHelper
-from square_database_helper.pydantic_models import (
-    FiltersV0,
-    FilterConditionsV0,
-)
+from square_database_helper.pydantic_models import FilterConditionsV0, FiltersV0
 from square_database_structure.square import global_string_database_name
 from square_database_structure.square.authentication import global_string_schema_name
 from square_database_structure.square.authentication.tables import (
     User,
+    UserApp,
     UserCredential,
     UserSession,
-    UserApp,
 )
 from square_database_structure.square.public import (
     global_string_schema_name as global_string_public_schema_name,
@@ -27,22 +24,23 @@ from square_database_structure.square.public import (
 from square_database_structure.square.public.tables import App
 
 from square_authentication.configuration import (
-    global_object_square_logger,
-    config_str_secret_key_for_access_token,
     config_int_access_token_valid_minutes,
     config_int_refresh_token_valid_minutes,
+    config_int_square_database_port,
+    config_str_secret_key_for_access_token,
     config_str_secret_key_for_refresh_token,
     config_str_square_database_ip,
-    config_int_square_database_port,
     config_str_square_database_protocol,
+    global_object_square_logger,
 )
 from square_authentication.messages import messages
 from square_authentication.pydantic_models.core import (
-    RegisterUsernameV0,
-    LoginUsernameV0,
     DeleteUserV0,
-    UpdatePasswordV0,
+    LoginUsernameV0,
+    LogoutAppsV0,
+    RegisterUsernameV0,
     TokenType,
+    UpdatePasswordV0,
 )
 from square_authentication.utils.token import get_jwt_payload
 
@@ -212,6 +210,7 @@ async def register_username_v0(
             content=output_content,
         )
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -256,9 +255,9 @@ async def get_user_details_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         user_id = local_dict_access_token_payload["user_id"]
         """
@@ -347,6 +346,7 @@ async def get_user_details_v0(
             content=output_content,
         )
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -386,9 +386,9 @@ async def update_user_app_ids_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         user_id = local_dict_access_token_payload["user_id"]
 
@@ -507,6 +507,7 @@ async def update_user_app_ids_v0(
             content=output_content,
         )
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -559,8 +560,9 @@ async def login_username_v0(body: LoginUsernameV0):
                 message=messages["INCORRECT_USERNAME"],
                 log=f"incorrect username {username}",
             )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
             )
         # validate if app_id is assigned to user
         # this will also validate if app_id is valid
@@ -596,16 +598,17 @@ async def login_username_v0(body: LoginUsernameV0):
                         message=messages["GENERIC_400"],
                         log=str(he),
                     )
-                    return JSONResponse(
-                        status_code=he.response.status_code, content=output_content
+                    raise HTTPException(
+                        status_code=he.response.status_code, detail=output_content
                     )
             else:
                 output_content = get_api_output_in_standard_format(
                     message=messages["GENERIC_400"],
                     log=f"user_id {local_str_user_id}({username}) not assigned to app {app_id}.",
                 )
-                return JSONResponse(
-                    status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
                 )
 
         # validate password
@@ -621,9 +624,9 @@ async def login_username_v0(body: LoginUsernameV0):
                 message=messages["INCORRECT_PASSWORD"],
                 log=f"incorrect password for user_id {local_str_user_id}({username}).",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         """
         main process
@@ -691,6 +694,7 @@ async def login_username_v0(body: LoginUsernameV0):
             content=output_content,
         )
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -739,9 +743,9 @@ async def generate_access_token_v0(
                 message=messages["INCORRECT_REFRESH_TOKEN"],
                 log=f"incorrect refresh token: {refresh_token}.",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         # validating if the refresh token is valid, active and of the same user.
         try:
@@ -752,9 +756,9 @@ async def generate_access_token_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_REFRESH_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         """
         main process
@@ -781,6 +785,7 @@ async def generate_access_token_v0(
             content=output_content,
         )
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -829,9 +834,9 @@ async def logout_v0(
                 message=messages["INCORRECT_REFRESH_TOKEN"],
                 log=f"incorrect refresh token: {refresh_token}.",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         # validating if the refresh token is valid, active and of the same user.
         try:
@@ -843,9 +848,9 @@ async def logout_v0(
                 message=messages["INCORRECT_REFRESH_TOKEN"],
                 log=str(error),
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         # ======================================================================================
         # NOTE: if refresh token has expired no need to delete it during this call
@@ -874,6 +879,164 @@ async def logout_v0(
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
+        return JSONResponse(
+            status_code=http_exception.status_code, content=http_exception.detail
+        )
+    except Exception as e:
+        """
+        rollback logic
+        """
+        global_object_square_logger.logger.error(e, exc_info=True)
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_500"],
+            log=str(e),
+        )
+        return JSONResponse(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, content=output_content
+        )
+
+
+@router.delete("/logout/apps/v0")
+@global_object_square_logger.async_auto_logger
+async def logout_apps_v0(
+    access_token: Annotated[str, Header()],
+    body: LogoutAppsV0,
+):
+    app_ids = body.app_ids
+    try:
+        """
+        validation
+        """
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
+            )
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
+            )
+        user_id = local_dict_access_token_payload["user_id"]
+        # validate app_ids
+        app_ids = list(set(app_ids))
+        local_list_response_user_app = global_object_square_database_helper.get_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserApp.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserApp.user_id.name: FilterConditionsV0(eq=user_id),
+                }
+            ),
+            columns=[UserApp.app_id.name],
+        )["data"]["main"]
+        local_list_user_app_ids = [
+            x[UserApp.app_id.name] for x in local_list_response_user_app
+        ]
+        local_list_invalid_app_ids = [
+            x for x in app_ids if x not in local_list_user_app_ids
+        ]
+        if len(local_list_invalid_app_ids) > 0:
+            output_content = get_api_output_in_standard_format(
+                message=messages["GENERIC_400"],
+                log=f"invalid app_ids: {local_list_invalid_app_ids}.",
+            )
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
+            )
+        """
+        main process
+        """
+        # delete session for user
+        global_object_square_database_helper.delete_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserSession.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserSession.user_id.name: FilterConditionsV0(eq=user_id),
+                    UserSession.app_id.name: FilterConditionsV0(in_=app_ids),
+                }
+            ),
+        )
+        """
+        return value
+        """
+        output_content = get_api_output_in_standard_format(
+            message=messages["LOGOUT_SUCCESSFUL"],
+        )
+        return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+    except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
+        return JSONResponse(
+            status_code=http_exception.status_code, content=http_exception.detail
+        )
+    except Exception as e:
+        """
+        rollback logic
+        """
+        global_object_square_logger.logger.error(e, exc_info=True)
+        output_content = get_api_output_in_standard_format(
+            message=messages["GENERIC_500"],
+            log=str(e),
+        )
+        return JSONResponse(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, content=output_content
+        )
+
+
+@router.delete("/logout/all/v0")
+@global_object_square_logger.async_auto_logger
+async def logout_all_v0(
+    access_token: Annotated[str, Header()],
+):
+
+    try:
+        """
+        validation
+        """
+        try:
+            local_dict_access_token_payload = get_jwt_payload(
+                access_token, config_str_secret_key_for_access_token
+            )
+        except Exception as error:
+            output_content = get_api_output_in_standard_format(
+                message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
+            )
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
+            )
+        user_id = local_dict_access_token_payload["user_id"]
+
+        """
+        main process
+        """
+        # delete session for user
+        global_object_square_database_helper.delete_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserSession.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserSession.user_id.name: FilterConditionsV0(eq=user_id),
+                }
+            ),
+        )
+        """
+        return value
+        """
+        output_content = get_api_output_in_standard_format(
+            message=messages["LOGOUT_SUCCESSFUL"],
+        )
+        return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+    except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -910,9 +1073,9 @@ async def update_username_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         user_id = local_dict_access_token_payload["user_id"]
 
@@ -933,9 +1096,9 @@ async def update_username_v0(
                 message=messages["INCORRECT_USER_ID"],
                 log=f"incorrect user_id: {user_id}.",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
 
         # validate new username
@@ -960,9 +1123,9 @@ async def update_username_v0(
                 message=messages["USERNAME_ALREADY_EXISTS"],
                 log=f"{new_username} is taken.",
             )
-            return JSONResponse(
-                status_code=status.HTTP_409_CONFLICT,
-                content=output_content,
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
             )
         """
         main process
@@ -990,6 +1153,7 @@ async def update_username_v0(
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -1027,9 +1191,9 @@ async def delete_user_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         user_id = local_dict_access_token_payload["user_id"]
 
@@ -1049,8 +1213,9 @@ async def delete_user_v0(
                 message=messages["INCORRECT_USER_ID"],
                 log=f"incorrect user_id: {user_id}.",
             )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
             )
 
         # validate password
@@ -1067,9 +1232,9 @@ async def delete_user_v0(
                 message=messages["INCORRECT_PASSWORD"],
                 log=f"incorrect password for user_id {user_id}.",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         """
         main process
@@ -1094,6 +1259,7 @@ async def delete_user_v0(
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -1132,9 +1298,9 @@ async def update_password_v0(
             output_content = get_api_output_in_standard_format(
                 message=messages["INCORRECT_ACCESS_TOKEN"], log=str(error)
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         user_id = local_dict_access_token_payload["user_id"]
 
@@ -1154,8 +1320,9 @@ async def update_password_v0(
                 message=messages["INCORRECT_USER_ID"],
                 log=f"incorrect user_id: {user_id}.",
             )
-            return JSONResponse(
-                status_code=status.HTTP_400_BAD_REQUEST, content=output_content
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=output_content,
             )
 
         # validate password
@@ -1172,9 +1339,9 @@ async def update_password_v0(
                 message=messages["INCORRECT_PASSWORD"],
                 log=f"incorrect password for user_id {user_id}.",
             )
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
         """
         main process
@@ -1205,6 +1372,7 @@ async def update_password_v0(
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )
@@ -1268,11 +1436,12 @@ async def validate_and_get_payload_from_token_v0(
                         message=messages["INCORRECT_REFRESH_TOKEN"],
                         log="refresh token valid but not present in database.",
                     )
-                    return JSONResponse(
+                    raise HTTPException(
                         status_code=status.HTTP_400_BAD_REQUEST,
-                        content=output_content,
+                        detail=output_content,
                     )
-
+        except HTTPException as http_exception:
+            raise
         except Exception as error:
             output_content = None
             if token_type == TokenType.access_token:
@@ -1284,9 +1453,9 @@ async def validate_and_get_payload_from_token_v0(
                     message=messages["INCORRECT_REFRESH_TOKEN"], log=str(error)
                 )
 
-            return JSONResponse(
+            raise HTTPException(
                 status_code=status.HTTP_400_BAD_REQUEST,
-                content=output_content,
+                detail=output_content,
             )
 
         """
@@ -1302,6 +1471,7 @@ async def validate_and_get_payload_from_token_v0(
         )
         return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
     except HTTPException as http_exception:
+        global_object_square_logger.logger.error(http_exception, exc_info=True)
         return JSONResponse(
             status_code=http_exception.status_code, content=http_exception.detail
         )

{square_authentication-5.0.1 → square_authentication-5.1.1}/square_authentication/utils/encryption.py

@@ -4,7 +4,10 @@ from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import padding
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 
+from square_authentication.configuration import global_object_square_logger
 
+
+@global_object_square_logger.auto_logger
 def encrypt(key, plaintext):
     # Ensure the key length is 16, 24, or 32 bytes for AES
     key = key.ljust(32)[:32].encode('utf-8')
@@ -28,7 +31,7 @@ def encrypt(key, plaintext):
 
     return encoded_ciphertext
 
-
+@global_object_square_logger.auto_logger
 def decrypt(key, encoded_ciphertext):
     # Ensure the key length is 16, 24, or 32 bytes for AES
     key = key.ljust(32)[:32].encode('utf-8')

{square_authentication-5.0.1 → square_authentication-5.1.1}/square_authentication/utils/token.py

@@ -1,7 +1,10 @@
 import jwt
 from jwt.exceptions import ExpiredSignatureError, DecodeError, InvalidTokenError
 
+from square_authentication.configuration import global_object_square_logger
 
+
+@global_object_square_logger.auto_logger
 def get_jwt_payload(token, secret_key):
     try:
         # Decode the token and verify the signature

{square_authentication-5.0.1 → square_authentication-5.1.1}/square_authentication.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: square-authentication
-Version: 5.0.1
+Version: 5.1.1
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -32,6 +32,17 @@ pip install square_authentication
 
 ## changelog
 
+### v5.1.1
+
+- add logger decorator in all functions.
+- add error logs in all endpoints.
+
+### v5.1.0
+
+- Core
+    - add logout/apps/v0.
+    - add logout/all/v0.
+
 ### v5.0.1
 
 - fix typo in return value of get_user_details_v0.
@@ -116,3 +127,4 @@ pip install square_authentication
 
 ## Feedback is appreciated. Thank you!
 
+