square-authentication 8.0.2__tar.gz → 9.0.1__tar.gz

{square_authentication-8.0.2 → square_authentication-9.0.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: square_authentication
-Version: 8.0.2
+Version: 9.0.1
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -54,6 +54,23 @@ pip install square_authentication
 
 ## changelog
 
+### v9.0.1
+
+- env
+    - add RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS and
+      RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS in LOGIC section.
+- profile
+    - add validation for email verification code already sent in send_verification_email_v0.
+    - add cooldown_reset_at in send_verification_email_v0 output.
+- core
+    - add validation for email password reset code already sent in send_reset_password_email_v0.
+    - add cooldown_reset_at in send_reset_password_email_v0 output.
+
+### v9.0.0
+
+- core
+    - **breaking change**: new mandatory parameter `app_id` in validate_and_get_payload_from_token_v0.
+
 ### v8.0.2
 
 - core

{square_authentication-8.0.2 → square_authentication-9.0.1}/README.md

@@ -16,6 +16,23 @@ pip install square_authentication
 
 ## changelog
 
+### v9.0.1
+
+- env
+    - add RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS and
+      RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS in LOGIC section.
+- profile
+    - add validation for email verification code already sent in send_verification_email_v0.
+    - add cooldown_reset_at in send_verification_email_v0 output.
+- core
+    - add validation for email password reset code already sent in send_reset_password_email_v0.
+    - add cooldown_reset_at in send_reset_password_email_v0 output.
+
+### v9.0.0
+
+- core
+    - **breaking change**: new mandatory parameter `app_id` in validate_and_get_payload_from_token_v0.
+
 ### v8.0.2
 
 - core

{square_authentication-8.0.2 → square_authentication-9.0.1}/setup.py

@@ -4,7 +4,7 @@ package_name = "square_authentication"
 
 setup(
     name=package_name,
-    version="8.0.2",
+    version="9.0.1",
     packages=find_packages(),
     package_data={
         package_name: ["data/*"],

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication/configuration.py

@@ -108,7 +108,7 @@ try:
     ]
     # ===========================================
     # ===========================================
-    # GOOGLE
+    # LOGIC
 
     NUMBER_OF_RECOVERY_CODES = int(
         ldict_configuration["LOGIC"]["NUMBER_OF_RECOVERY_CODES"]
@@ -129,6 +129,16 @@ try:
     NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = int(
         ldict_configuration["LOGIC"]["NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE"]
     )
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = int(
+        ldict_configuration["LOGIC"][
+            "RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS"
+        ]
+    )
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = int(
+        ldict_configuration["LOGIC"][
+            "RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS"
+        ]
+    )
     # ===========================================
 
     # Initialize logger

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication/data/config.sample.ini

@@ -64,4 +64,6 @@ NUMBER_OF_RECOVERY_CODES = 10
 EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 600
 NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE = 6
 EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 600
-NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 60
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 60

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication/data/config.testing.sample.ini

@@ -64,4 +64,6 @@ NUMBER_OF_RECOVERY_CODES = 10
 EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 600
 NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE = 6
 EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 600
-NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE = 6
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS = 60
+RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS = 60

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication/routes/core.py

@@ -58,6 +58,7 @@ from square_authentication.configuration import (
     NUMBER_OF_DIGITS_IN_EMAIL_PASSWORD_RESET_CODE,
     EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
     global_object_square_file_store_helper,
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
 )
 from square_authentication.messages import messages
 from square_authentication.pydantic_models.core import (
@@ -1975,6 +1976,7 @@ async def update_password_v0(
 @router.get("/validate_and_get_payload_from_token/v0")
 @global_object_square_logger.auto_logger()
 async def validate_and_get_payload_from_token_v0(
+    app_id: int,
     token: Annotated[str, Header()],
     token_type: TokenType = Query(...),
 ):
@@ -2022,6 +2024,15 @@ async def validate_and_get_payload_from_token_v0(
                         status_code=status.HTTP_400_BAD_REQUEST,
                         detail=output_content,
                     )
+            if local_dict_token_payload["app_id"] != app_id:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log=f"app_id: {app_id} does not match with token app_id: {local_dict_token_payload['app_id']}.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
         except HTTPException as http_exception:
             raise
         except Exception as error:
@@ -2830,7 +2841,57 @@ async def send_reset_password_email_v0(
                 log="email is not verified.",
             )
             return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
-
+        # check if reset password code already exists
+        local_list_response_user_verification_code = global_object_square_database_helper.get_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserVerificationCode.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserVerificationCode.user_id.name: FilterConditionsV0(eq=user_id),
+                    UserVerificationCode.user_verification_code_type.name: FilterConditionsV0(
+                        eq=VerificationCodeTypeEnum.EMAIL_RECOVERY.value
+                    ),
+                    UserVerificationCode.user_verification_code_used_at.name: FilterConditionsV0(
+                        is_null=True
+                    ),
+                    UserVerificationCode.user_verification_code_expires_at.name: FilterConditionsV0(
+                        gte=datetime.now(timezone.utc).strftime(
+                            "%Y-%m-%d %H:%M:%S.%f+00"
+                        )
+                    ),
+                }
+            ),
+            order_by=[
+                "-" + UserVerificationCode.user_verification_code_created_at.name
+            ],
+            limit=1,
+            apply_filters=True,
+        )[
+            "data"
+        ][
+            "main"
+        ]
+        if len(local_list_response_user_verification_code) > 0:
+            existing_verification_code_data = (
+                local_list_response_user_verification_code[0]
+            )
+            if (
+                datetime.now(timezone.utc)
+                - datetime.fromisoformat(
+                    existing_verification_code_data[
+                        UserVerificationCode.user_verification_code_created_at.name
+                    ]
+                )
+            ).total_seconds() < RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log="verification code already exists and was sent within the cooldown period.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
         """
         main process
         """
@@ -2904,9 +2965,13 @@ async def send_reset_password_email_v0(
         """
         return value
         """
+        cooldown_reset_at = datetime.now(timezone.utc) + timedelta(
+            seconds=EXPIRY_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS,
+        )
         output_content = get_api_output_in_standard_format(
             data={
                 "expires_at": expires_at.isoformat(),
+                "cooldown_reset_at": cooldown_reset_at.isoformat(),
             },
             message=messages["GENERIC_ACTION_SUCCESSFUL"],
         )

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication/routes/profile.py

@@ -32,6 +32,7 @@ from square_authentication.configuration import (
     MAIL_GUN_API_KEY,
     NUMBER_OF_DIGITS_IN_EMAIL_VERIFICATION_CODE,
     EXPIRY_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS,
+    RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS,
 )
 from square_authentication.messages import messages
 from square_authentication.pydantic_models.profile import (
@@ -357,6 +358,53 @@ async def send_verification_email_v0(
                 message=messages["EMAIL_ALREADY_VERIFIED"]
             )
             return JSONResponse(status_code=status.HTTP_200_OK, content=output_content)
+        # check if email verification code already exists
+        existing_verification_code_response = global_object_square_database_helper.get_rows_v0(
+            database_name=global_string_database_name,
+            schema_name=global_string_schema_name,
+            table_name=UserVerificationCode.__tablename__,
+            filters=FiltersV0(
+                root={
+                    UserVerificationCode.user_id.name: FilterConditionsV0(eq=user_id),
+                    UserVerificationCode.user_verification_code_type.name: FilterConditionsV0(
+                        eq=VerificationCodeTypeEnum.EMAIL_VERIFICATION.value
+                    ),
+                    UserVerificationCode.user_verification_code_used_at.name: FilterConditionsV0(
+                        is_null=True
+                    ),
+                    UserVerificationCode.user_verification_code_expires_at.name: FilterConditionsV0(
+                        gte=datetime.now(timezone.utc).strftime(
+                            "%Y-%m-%d %H:%M:%S.%f+00"
+                        )
+                    ),
+                }
+            ),
+            order_by=[
+                "-" + UserVerificationCode.user_verification_code_created_at.name
+            ],
+            limit=1,
+            apply_filters=True,
+        )
+        if len(existing_verification_code_response["data"]["main"]) > 0:
+            existing_verification_code_data = existing_verification_code_response[
+                "data"
+            ]["main"][0]
+            if (
+                datetime.now(timezone.utc)
+                - datetime.fromisoformat(
+                    existing_verification_code_data[
+                        UserVerificationCode.user_verification_code_created_at.name
+                    ]
+                )
+            ).total_seconds() < RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS:
+                output_content = get_api_output_in_standard_format(
+                    message=messages["GENERIC_400"],
+                    log="verification code already exists and was sent within the cooldown period.",
+                )
+                raise HTTPException(
+                    status_code=status.HTTP_400_BAD_REQUEST,
+                    detail=output_content,
+                )
 
         """
         main process
@@ -431,9 +479,13 @@ async def send_verification_email_v0(
         """
         return value
         """
+        cooldown_reset_at = datetime.now(timezone.utc) + timedelta(
+            seconds=RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS
+        )
         output_content = get_api_output_in_standard_format(
             data={
                 "expires_at": expires_at.isoformat(),
+                "cooldown_reset_at": cooldown_reset_at.isoformat(),
             },
             message=messages["GENERIC_ACTION_SUCCESSFUL"],
         )

{square_authentication-8.0.2 → square_authentication-9.0.1}/square_authentication.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: square_authentication
-Version: 8.0.2
+Version: 9.0.1
 Summary: authentication layer for my personal server.
 Home-page: https://github.com/thepmsquare/square_authentication
 Author: thePmSquare
@@ -54,6 +54,23 @@ pip install square_authentication
 
 ## changelog
 
+### v9.0.1
+
+- env
+    - add RESEND_COOL_DOWN_TIME_FOR_EMAIL_VERIFICATION_CODE_IN_SECONDS and
+      RESEND_COOL_DOWN_TIME_FOR_EMAIL_PASSWORD_RESET_CODE_IN_SECONDS in LOGIC section.
+- profile
+    - add validation for email verification code already sent in send_verification_email_v0.
+    - add cooldown_reset_at in send_verification_email_v0 output.
+- core
+    - add validation for email password reset code already sent in send_reset_password_email_v0.
+    - add cooldown_reset_at in send_reset_password_email_v0 output.
+
+### v9.0.0
+
+- core
+    - **breaking change**: new mandatory parameter `app_id` in validate_and_get_payload_from_token_v0.
+
 ### v8.0.2
 
 - core