square-authentication 8.0.2__py3-none-any.whl → 9.0.1__py3-none-any.whl

square_authentication/configuration.py

@@ -108,7 +108,7 @@ try:
     ]
     # ===========================================
     # ===========================================
-    # GOOGLE
+    # LOGIC
 
     NUMBER_OF_RECOVERY_CODES = int(
         ldict_configuration["LOGIC"]["NUMBER_OF_RECOVERY_CODES"]
@@ -129,6 +129,16 @@ try:
     NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = int(
         ldict_configuration["LOGIC"]["NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE"]
     )
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = int(
+        ldict_configuration["LOGIC"][
+            "RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS"
+        ]
+    )
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = int(
+        ldict_configuration["LOGIC"][
+            "RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS"
+        ]
+    )
     # ===========================================
 
     # Initialize logger

square_authentication/data/config.sample.ini

@@ -64,4 +64,6 @@ NUMBER_OF_RECOVERY_CODES = 10
 EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 600
 NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE = 6
 EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 600
-NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 60
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 60

square_authentication/data/config.testing.sample.ini

@@ -64,4 +64,6 @@ NUMBER_OF_RECOVERY_CODES = 10
 EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 600
 NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE = 6
 EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 600
-NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 60
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 60

square_authentication/routes/core.py

@@ -58,6 +58,7 @@ from square_authentication.configuration import (
     NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE,
     EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
     global_object_square_file_store_helper,
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
 )
 from square_authentication.messages import messages
 from square_authentication.pydantic_models.core import (
@@ -1975,6 +1976,7 @@ async def update_password_v0(
 @router.get("/validate_and_get_payload_from_token/v0")
 @global_object_square_logger.auto_logger()
 async def validate_and_get_payload_from_token_v0(
+    app_id: int,
     token: Annotated[str, Header()],
     token_type: TokenType = Query(...),
 ):
@@ -2022,6 +2024,15 @@ async def validate_and_get_payload_from_token_v0(
                         status_code=status.HTTP_400_BAD_REQUEST,
                         detail=output_content,
                     )
+            if local_dict_token_payload["app_id"] != app_id:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log=f"app_id: {app_id} does not match with token app_id: {local_dict_token_payload['app_id']}.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
         except HTTPException as http_exception:
             raise
         except Exception as error:
@@ -2830,7 +2841,57 @@ async def send_reset_password_email_v0(
                 log="email is not verified.",
             )
             return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
-
+        # check if reset password code already exists
+        local_list_response_user_verification_code = global_object_square_database_helper.get_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserVerificationCode.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserVerificationCode.user_id.name: FilterConditionsV0(eq=user_id),
+                    UserVerificationCode.user_verification_code_type.name: FilterConditionsV0(
+                        eq=VerificationCodeTypeEnum.EMAIL_RECOVERY.value
+                    ),
+                    UserVerificationCode.user_verification_code_used_at.name: FilterConditionsV0(
+                        is_null=True
+                    ),
+                    UserVerificationCode.user_verification_code_expires_at.name: FilterConditionsV0(
+                        gte=datetime.now(timezone.utc).strftime(
+                            "%Y-%m-%d %H:%M:%S.%f+00"
+                        )
+                    ),
+                }
+            ),
+            order_by=[
+                "-" + UserVerificationCode.user_verification_code_created_at.name
+            ],
+            limit=1,
+            apply_filters=True,
+        )[
+            "data"
+        ][
+            "main"
+        ]
+        if len(local_list_response_user_verification_code) > 0:
+            existing_verification_code_data = (
+                local_list_response_user_verification_code[0]
+            )
+            if (
+                datetime.now(timezone.utc)
+                - datetime.fromisoformat(
+                    existing_verification_code_data[
+                        UserVerificationCode.user_verification_code_created_at.name
+                    ]
+                )
+            ).total_seconds() < RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log="verification code already exists and was sent within the cooldown period.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
         """
         main process
         """
@@ -2904,9 +2965,13 @@ async def send_reset_password_email_v0(
         """
         return value
         """
+        cooldown_reset_at = datetime.now(timezone.utc) + timedelta(
+            seconds=EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
+        )
         output_content = get_api_output_in_standard_format(
             data={
                 "expires_at": expires_at.isoformat(),
+                "cooldown_reset_at": cooldown_reset_at.isoformat(),
             },
             message=messages["GENERIC_ACTION_SUCCESSFUL"],
         )

square_authentication/routes/profile.py

@@ -32,6 +32,7 @@ from square_authentication.configuration import (
     MAIL_GUN_API_KEY,
     NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE,
     EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS,
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS,
 )
 from square_authentication.messages import messages
 from square_authentication.pydantic_models.profile import (
@@ -357,6 +358,53 @@ async def send_verification_email_v0(
                 message=messages["EMAIL_ALREADY_VERIFIED"]
             )
             return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+        # check if email verification code already exists
+        existing_verification_code_response = global_object_square_database_helper.get_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserVerificationCode.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserVerificationCode.user_id.name: FilterConditionsV0(eq=user_id),
+                    UserVerificationCode.user_verification_code_type.name: FilterConditionsV0(
+                        eq=VerificationCodeTypeEnum.EMAIL_VERIFICATION.value
+                    ),
+                    UserVerificationCode.user_verification_code_used_at.name: FilterConditionsV0(
+                        is_null=True
+                    ),
+                    UserVerificationCode.user_verification_code_expires_at.name: FilterConditionsV0(
+                        gte=datetime.now(timezone.utc).strftime(
+                            "%Y-%m-%d %H:%M:%S.%f+00"
+                        )
+                    ),
+                }
+            ),
+            order_by=[
+                "-" + UserVerificationCode.user_verification_code_created_at.name
+            ],
+            limit=1,
+            apply_filters=True,
+        )
+        if len(existing_verification_code_response["data"]["main"]) > 0:
+            existing_verification_code_data = existing_verification_code_response[
+                "data"
+            ]["main"][0]
+            if (
+                datetime.now(timezone.utc)
+                - datetime.fromisoformat(
+                    existing_verification_code_data[
+                        UserVerificationCode.user_verification_code_created_at.name
+                    ]
+                )
+            ).total_seconds() < RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log="verification code already exists and was sent within the cooldown period.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
 
         """
         main process
@@ -431,9 +479,13 @@ async def send_verification_email_v0(
         """
         return value
         """
+        cooldown_reset_at = datetime.now(timezone.utc) + timedelta(
+            seconds=RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS
+        )
         output_content = get_api_output_in_standard_format(
             data={
                 "expires_at": expires_at.isoformat(),
+                "cooldown_reset_at": cooldown_reset_at.isoformat(),
             },
             message=messages["GENERIC_ACTION_SUCCESSFUL"],
         )

{square_authentication-8.0.2.dist-info → square_authentication-9.0.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: square_authentication
-Version: 8.0.2
+Version: 9.0.1
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -54,6 +54,23 @@ pip install square_authentication
 
 ## changelog
 
+### v9.0.1
+
+- env
+    - add RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS and
+      RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS in LOGIC section.
+- profile
+    - add validation for email verification code already sent in send_verification_email_v0.
+    - add cooldown_reset_at in send_verification_email_v0 output.
+- core
+    - add validation for email password reset code already sent in send_reset_password_email_v0.
+    - add cooldown_reset_at in send_reset_password_email_v0 output.
+
+### v9.0.0
+
+- core
+    - **breaking change**: new mandatory parameter `app_id` in validate_and_get_payload_from_token_v0.
+
 ### v8.0.2
 
 - core

{square_authentication-8.0.2.dist-info → square_authentication-9.0.1.dist-info}/RECORD

@@ -1,21 +1,21 @@
 square_authentication/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-square_authentication/configuration.py,sha256=6M_5Ua7HQblPdBDeywSyelkvhkrsaTmbqWyMKpVV5HU,6045
+square_authentication/configuration.py,sha256=7LAvXlH-qZf1rORcidQL_dUGGp04EqAQeq-5X_EZy4s,6450
 square_authentication/main.py,sha256=nhkv8U4E9b7VIH7Aaj8iMWIwA4VIL-vzRXjZaYEFWPw,1755
 square_authentication/messages.py,sha256=yDyr3SpBKg5KHb7dUDIUnpuz21EEAg3dnoaLnvX0IcU,2812
-square_authentication/data/config.sample.ini,sha256=3vn0s5USfksmjVERgk2fIF97Tvzrsjm8xNAOqt5zZoE,1523
-square_authentication/data/config.testing.sample.ini,sha256=uXUq3Isz2x5fpRcRoQqY-U2t7ZIGgo5c5zoWBgJ8scI,1570
+square_authentication/data/config.sample.ini,sha256=PfXgXZxUGE9RBqe_WOr27jKRnC_rRQ-E63UJ0KSfGYU,1657
+square_authentication/data/config.testing.sample.ini,sha256=Hh-y_8HDGHhT4wlZ_tTjOWR8PaMUgcCDUFX3hegWmO0,1704
 square_authentication/pydantic_models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 square_authentication/pydantic_models/core.py,sha256=7H1N1y8VpPA_-NrudX8j0YG_YzpHnPXZuwtGaKRPSy0,1268
 square_authentication/pydantic_models/profile.py,sha256=tq7RJMfbMBMi7FaRQksWJR3Iucr2l8P2ziKgQvV4owg,110
 square_authentication/routes/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-square_authentication/routes/core.py,sha256=NjdWJfB7R45BIgEJJYd5sB6RNeKkk4D1cEBNguPF8-k,132070
-square_authentication/routes/profile.py,sha256=4J-_ulVW0bDkoDO1utdzv_2_OraGbtVnQmcpws3Ecu4,24466
+square_authentication/routes/core.py,sha256=0pOgKrNPinkj2wcv9eVvagt5YlbP9TsREAJWgxN5ZwE,135169
+square_authentication/routes/profile.py,sha256=NbOmNWSRM-O28kDexwSEXd3u7tYYYvQGUMDMDkZ2XP8,27033
 square_authentication/routes/utility.py,sha256=KDr8KdkT0jAGPjfP-b5XXYG7p49WU7J1FiK6oSIckQI,1779
 square_authentication/utils/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 square_authentication/utils/core.py,sha256=2jMPnbbURNIMiajYfWIlGNblI7DocWNPZcU_psAq4SE,1567
 square_authentication/utils/encryption.py,sha256=WakaiEAgWpTJltxBzqOtv81_DCDKfzJqt60fWSPoNvo,2027
 square_authentication/utils/token.py,sha256=t-RPBY4cYyT1ro3lkLBTOy2BeRGBfluBVBivL5DLmDg,680
-square_authentication-8.0.2.dist-info/METADATA,sha256=5rwH4hvFeD_6oT60QBEa42sD3n2Eghq0Ir70Yk69lws,8737
-square_authentication-8.0.2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-square_authentication-8.0.2.dist-info/top_level.txt,sha256=wDssVJIl9KIEJPj5rR3rv4uRI7yCndMBrvHd_6BGXQA,22
-square_authentication-8.0.2.dist-info/RECORD,,
+square_authentication-9.0.1.dist-info/METADATA,sha256=Rv8IBgLRVHTLDFQ7QCbAUB4AHDqPr1KENMEKsrNkioo,9382
+square_authentication-9.0.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+square_authentication-9.0.1.dist-info/top_level.txt,sha256=wDssVJIl9KIEJPj5rR3rv4uRI7yCndMBrvHd_6BGXQA,22
+square_authentication-9.0.1.dist-info/RECORD,,