Commit Graph

226 Commits

Author SHA1 Message Date
François Voron
05042b5a1e Bump version: 9.3.0 → 9.3.1 2022-04-21 11:23:10 +02:00
Richard Friberg
18954cc7bd Add simple solution to update of oauth with more consistent use of identifiers (#953) 2022-04-21 11:06:21 +02:00
François Voron
6ba70bdbc6 Bump version: 9.2.6 → 9.3.0 2022-03-22 15:12:19 +01:00
François Voron
7f6d038d91 Create a class helper to let configure the password hasher dynamically 2022-03-22 14:16:49 +01:00
Joe Taylor
b054383fbf Enable RS256/ES256 and other algorithms for JWT strategy (#943)
* Implement RS256 for JWT auth

* Update docs with RS256 example

* Added ES256 tests

* Format with isort and black

* Removed example RSA key pair (so as not to tempt people to use it)

* Added pyjwt[crypto] to requirements

* Removed pycryptodome by hardcoding example keys

* Removed unnecessary Tuple import from typing
2022-03-22 10:28:00 +01:00
François Voron
0db2ce9d9e Bump version: 9.2.5 → 9.2.6 2022-03-16 09:05:43 +01:00
François Voron
06ad0371fb Bump version: 9.2.4 → 9.2.5 2022-02-18 11:11:55 +01:00
François Voron
e79b34ed35 Fix #922: allow DependencyCallable type to be generators 2022-02-18 11:04:56 +01:00
Gaganpreet
04e432acad Unique names for routes (#916) 2022-02-11 08:07:45 +01:00
François Voron
29cfe8ae5e Bump version: 9.2.3 → 9.2.4 2022-02-07 08:57:19 +01:00
François Voron
e3923d14b9 Bump version: 9.2.2 → 9.2.3 2022-02-01 09:29:58 +01:00
François Voron
0583d7c88e Bump version: 9.2.1 → 9.2.2 2022-01-15 11:22:59 +01:00
François Voron
533504634f Improve dependencies typing 2022-01-15 11:08:49 +01:00
Alexandr Makurin
e6125905e0 Fix #865 (#866)
* Fix #865

* Add # pragma: no cover to all try blocks

* Fix same issue with root module
2022-01-15 10:50:06 +01:00
François Voron
0a8661b762 Bump version: 9.2.0 → 9.2.1 2022-01-10 12:58:48 +01:00
Hazedd
7138143923 Patch 2 (#855)
* logout response sets proper response headers

logout response is using starlette delete cookie. In starlette the samesite and secure attributes are not in the header but are needed to set the removed cookie client side. Implementing set_cookie with an empty cookie-value and a max_age of 0 will set a new expired cookie by the client.

related issue #846

* fixed linting

Co-authored-by: Pentem <martijn.pentenga@movares.nl>
2022-01-10 09:05:36 +01:00
François Voron
896813d278 Bump version: 9.1.1 → 9.2.0 2022-01-04 16:03:47 +01:00
David Brochart
79557eead4 Allow lifetime_seconds=None (#835) 2022-01-03 12:05:55 +01:00
François Voron
d469bace6e Bump version: 9.1.0 → 9.1.1 2022-01-03 11:29:05 +01:00
François Voron
1ede89933a Revert "Enable Argon2 for password hashing"
This reverts commit 123328c559.
2022-01-03 10:37:15 +01:00
François Voron
123328c559 Enable Argon2 for password hashing 2021-12-31 16:05:00 +01:00
François Voron
96a086c60f Bump version: 9.0.1 → 9.1.0 2021-12-31 14:44:07 +01:00
François Voron
53271a32c5 Implement database strategy (#833)
* Implement database strategy

* Export generic AccessToken type

* Apply formatting
2021-12-31 14:43:39 +01:00
François Voron
223253d86c Bump version: 9.0.0 → 9.0.1 2021-12-30 15:47:37 +01:00
François Voron
dc15309b09 Fix ImportError when redis optional dependency not installed 2021-12-30 15:47:31 +01:00
François Voron
925dad5207 Bump version: 8.1.4 → 9.0.0 2021-12-30 15:25:51 +01:00
François Voron
c4de66b81c Revamp authentication (#831)
* Implement Transport classes

* Implement authentication strategy classes

* Revamp authentication with Transport and Strategy

* Revamp strategy and OAuth so that they can use a callable dependency

* Update docstring

* Make ErrorCode a proper Enum and cleanup unused OpenAPI utils

* Remove useless check

* Tweak typing in authenticator

* Update docs

* Improve logout/destroy token logic

* Update docs

* Update docs

* Update docs and full examples

* Apply formatting to examples

* Update OAuth doc and examples

* Add migration doc

* Implement Redis session token

* Add Redis Session documentation

* RedisSession -> Redis

* Fix links in docs
2021-12-30 15:22:07 +01:00
François Voron
72ab480aba Bump version: 8.1.3 → 8.1.4 2021-12-29 13:25:42 +01:00
Matyáš Richter
2e8f1f2eb2 Fixed #823 (#824)
* Added a failing test for the multi-oauth-router issue

* Fixed the #823 regression.

Using a regex for the backend name validation instead of an enum.

* Fixed formatting errors

* Moved the `AuthenticationBackendName` enum to `Authenticator`

This prevents an issue with OpenAPI schema generation caused by two
endpoints accepting a parameter with a duplicate name.
2021-12-29 13:25:15 +01:00
François Voron
e0ae193848 Bump version: 8.1.2 → 8.1.3 2021-12-07 15:04:27 +01:00
Matyáš Richter
c759bb6915 Extending generated OpenAPI docs (#799)
* Added login endpoint docs

* make format

* Changed login route into multiple examples.

* Added reset password router docs

* Updated /{id} routes for user

* Updated /me routes

* Fixed user already exists response description

* Updated the /register route

* Updated verify routes

* Updated oauth2 endpoints.

* Applied `make format`

* Renamed Authentication methods for getting their openapi schemas

- `get_login_responses_success` -> `get_openapi_login_responses_success`
- `get_logout_responses_success` -> `get_openapi_logout_responses_success`

* Fixed flake8 errors

* Not using `Final` to keep python37 compatibility

Co-authored-by: François Voron <fvoron@gmail.com>
2021-11-23 13:13:51 +01:00
Matyáš Richter
48d1be87a4 Added codestyle check and lint to the build action (#798)
* Applied `make format`

* Added format-check to makefile

* Added a "Check codestyle" step to the build action.

* Rerun `make format`

* Added a "lint" target to makefile

* Added lint step to the build action

* Added W503 to the list of ignored flake8 errors.

See https://www.flake8rules.com/rules/W503.html
2021-11-23 08:13:11 +01:00
Matyáš Richter
f578a01a8b Updated OAuth2 router generator for better OpenAPI docs (#793)
* Added OAuth2 authorize route response_model

* Changed OAuth2 "authorize" route backend param type.

On OAuth2 router creation, an enum is created for the `authentication_backend` parameter. This allows us to generate OpenAPI docs correctly.

* Reformatted with "make format"

* Updated OAuth2 authorize url docs

- /authorize now returns 422 instead of 400 for an invalid authentication backend
2021-11-10 07:55:40 +01:00
Ikko Ashimine
4d28d7d6ba Fix typo in manager.py (#791)
successfull -> successful
2021-11-07 13:24:51 +01:00
François Voron
9d064a5325 Bump version: 8.1.1 → 8.1.2 2021-11-07 11:33:39 +01:00
jakemanger
9eb49482c7 Users now become unverified when email is changed (#783)
* Users now become unverified when email is changed

Occurs when updating user.email to a new value

* changed wording
2021-11-07 10:04:06 +01:00
PovilasK
1e40104ed5 Remove duplicate (#777)
Remove duplicate `user_db_model`
2021-11-02 08:13:24 +01:00
Brandon H. Goding
0c45cbc179 Add a name on every route #762 (#774)
* Names for urls added

* Tests for Login/Logout Names

* Register Name Test

* tests/test_router_reset.py

* Tests to verify url names in users router

* Test Verify Router Names

* oauth routes updated with prefix

* Test for authorize.  Didn't right test for callback as covered under other tests
2021-11-02 08:12:43 +01:00
Yasser Tahiri
872b85de03 Code Expression (#1) (#767)
* Replace unused `for` index with underscore

* Use `items()` to directly unpack dictionary values

* Merge duplicate blocks in conditional

* Use `any()` instead of for loop

* Format __init__.py
2021-10-16 09:29:34 +02:00
François Voron
057cf48fe1 Bump version: 8.1.0 → 8.1.1 2021-10-11 08:16:48 +02:00
maximka1221
b33371542f Fixed bug with custom reset token audience.
When adding a custom reset token audience, we still use the default one in the creation of the JWT token instead of the custom one.
2021-09-23 12:54:13 +03:00
François Voron
0826ec5299 Bump version: 8.0.0 → 8.1.0 2021-09-21 08:35:06 +02:00
François Voron
eb47dc8e75 Pass user_manager instance in get_login_response/get_logout_response 2021-09-21 08:28:25 +02:00
François Voron
e819bb0b65 Add get_enabled_backends advanced feature 2021-09-21 08:20:07 +02:00
François Voron
a82dfc262d Bump version: 8.0.0b3 → 8.0.0 2021-09-20 08:51:50 +02:00
François Voron
ab06778adf Fix #733: don't raise error when updating user with same email 2021-09-20 08:49:19 +02:00
François Voron
5a4e57c206 Bump version: 8.0.0b2 → 8.0.0b3 2021-09-20 07:49:05 +02:00
François Voron
e31a0a99b5 Bump version: 8.0.0b1 → 8.0.0b2 2021-09-17 11:25:35 +02:00
François Voron
69f18cff47 Put user_db_model as attribute of UserManager 2021-09-17 11:24:49 +02:00
François Voron
913cd5cb2a Bump version: 7.0.0 → 8.0.0b1 2021-09-17 10:30:27 +02:00