The documentation was missing a hint that the `AccessToken` ODM model has to be added to the `document_models` array argument for Beanie to know this model.
Improvements
------------
* Ensure the reset password token can be used only once.
* Change JWT access token structure to use standard `sub` claim instead of `user_id`.
* ⚠ Existing JWT will be invalidated
* Change verify and reset password tokens structure to use standard `sub` claim instead of `user_id`.
Improvements
------------
* Bump `httpx-oauth >=0.4,<0.11`
* With `httpx-oauth >= 0.10`, the OAuth2 client may be not able to return an email address depending on the OAuth Provider. In this case, the error `OAUTH_NOT_AVAILABLE_EMAIL` is raised during `/callback`. [[Documentation](https://fastapi-users.github.io/fastapi-users/10.2/usage/routes/#get-callback)]
* Enable Python 3.11 support in CI
New features
------------
* Trigger custom logic after user login with `on_after_login`. [[Documentation]()] Thanks @antont 🎉
Improvements
------------
* Bump dependencies:
* `email-validator >=1.1.0,<1.4`
* `pyjwt[crypto] ==2.5.0`
* Use Hatch for environment and package management
* on_after_login minimal impl.
Questions: is the spot logical for after method? Is after the internal login call.
Would before_login be needed? Maybe not, as auth is the way to do pre-login things.
Added fastapi request as a param just in case, as other callbacks had it too.
Docs addition is missing.
* tried to complete the implementation, but the test with user_manager.on_after_login.called fails though
* move on_after_login tests to right place, to TestLogin. These ones pass.
TODO: check TestCallback
* on_after_login tests to TestCallback too, for oauth. Apparently test_redirect_url_router fires the callback too, I guess that's correct, am not using oauth myself.
* fix formatting with make format
* docs for on_after_login
Co-authored-by: Toni Alatalo <toni.alatalo@gmail.com>
* Fix: LoginResponse is set to application/json, and should return response with status code 204 when body is empty.
The database backend login response is a cookie header with empty body. This causes issues when integrating the openapi schema into openapi-generator. Because the code generator expects the response to be a JSON when the status code isn't 204.
* Fix: Bump fastapi version to appropriate version for status code 204 handling.
* Build a full response for CookieTransport login_response
Co-authored-by: Can H. Tartanoglu <2947298-caniko@users.noreply.gitlab.com>
Co-authored-by: François Voron <fvoron@gmail.com>
