New features
------------
* Trigger custom logic after user login with `on_after_login`. [[Documentation]()] Thanks @antont 🎉
Improvements
------------
* Bump dependencies:
* `email-validator >=1.1.0,<1.4`
* `pyjwt[crypto] ==2.5.0`
* Use Hatch for environment and package management
* on_after_login minimal impl.
Questions: is the spot logical for after method? Is after the internal login call.
Would before_login be needed? Maybe not, as auth is the way to do pre-login things.
Added fastapi request as a param just in case, as other callbacks had it too.
Docs addition is missing.
* tried to complete the implementation, but the test with user_manager.on_after_login.called fails though
* move on_after_login tests to right place, to TestLogin. These ones pass.
TODO: check TestCallback
* on_after_login tests to TestCallback too, for oauth. Apparently test_redirect_url_router fires the callback too, I guess that's correct, am not using oauth myself.
* fix formatting with make format
* docs for on_after_login
Co-authored-by: Toni Alatalo <toni.alatalo@gmail.com>
* Fix: LoginResponse is set to application/json, and should return response with status code 204 when body is empty.
The database backend login response is a cookie header with empty body. This causes issues when integrating the openapi schema into openapi-generator. Because the code generator expects the response to be a JSON when the status code isn't 204.
* Fix: Bump fastapi version to appropriate version for status code 204 handling.
* Build a full response for CookieTransport login_response
Co-authored-by: Can H. Tartanoglu <2947298-caniko@users.noreply.gitlab.com>
Co-authored-by: François Voron <fvoron@gmail.com>
* Use a generic Protocol model for User instead of Pydantic
* Remove UserDB Pydantic schema
* Harmonize schema variable naming to avoid confusions
* Revamp OAuth account model management
* Revamp AccessToken DB strategy to adopt generic model approach
* Make ID a generic instead of forcing UUIDs
* Improve generic typing
* Improve Strategy typing
* Tweak base DB typing
* Don't set Pydantic schemas on FastAPIUsers class: pass it directly on router creation
* Add IntegerIdMixin and export related classes
* Start to revamp doc for V10
* Revamp OAuth documentation
* Fix code highlights
* Write the 9.x.x ➡️ 10.x.x migration doc
* Fix pyproject.toml
* Implement RS256 for JWT auth
* Update docs with RS256 example
* Added ES256 tests
* Format with isort and black
* Removed example RSA key pair (so as not to tempt people to use it)
* Added pyjwt[crypto] to requirements
* Removed pycryptodome by hardcoding example keys
* Removed unnecessary Tuple import from typing
* logout response sets proper response headers
logout response is using starlette delete cookie. In starlette the samesite and secure attributes are not in the header but are needed to set the removed cookie client side. Implementing set_cookie with an empty cookie-value and a max_age of 0 will set a new expired cookie by the client.
related issue #846
* fixed linting
Co-authored-by: Pentem <martijn.pentenga@movares.nl>
