Commit Graph

213 Commits

Author SHA1 Message Date
Alexandr Makurin
e6125905e0 Fix #865 (#866)
* Fix #865

* Add # pragma: no cover to all try blocks

* Fix same issue with root module
2022-01-15 10:50:06 +01:00
François Voron
0a8661b762 Bump version: 9.2.0 → 9.2.1 2022-01-10 12:58:48 +01:00
Hazedd
7138143923 Patch 2 (#855)
* logout response sets proper response headers

logout response is using starlette delete cookie. In starlette the samesite and secure attributes are not in the header but are needed to set the removed cookie client side. Implementing set_cookie with an empty cookie-value and a max_age of 0 will set a new expired cookie by the client.

related issue #846

* fixed linting

Co-authored-by: Pentem <martijn.pentenga@movares.nl>
2022-01-10 09:05:36 +01:00
François Voron
896813d278 Bump version: 9.1.1 → 9.2.0 2022-01-04 16:03:47 +01:00
David Brochart
79557eead4 Allow lifetime_seconds=None (#835) 2022-01-03 12:05:55 +01:00
François Voron
d469bace6e Bump version: 9.1.0 → 9.1.1 2022-01-03 11:29:05 +01:00
François Voron
1ede89933a Revert "Enable Argon2 for password hashing"
This reverts commit 123328c559.
2022-01-03 10:37:15 +01:00
François Voron
123328c559 Enable Argon2 for password hashing 2021-12-31 16:05:00 +01:00
François Voron
96a086c60f Bump version: 9.0.1 → 9.1.0 2021-12-31 14:44:07 +01:00
François Voron
53271a32c5 Implement database strategy (#833)
* Implement database strategy

* Export generic AccessToken type

* Apply formatting
2021-12-31 14:43:39 +01:00
François Voron
223253d86c Bump version: 9.0.0 → 9.0.1 2021-12-30 15:47:37 +01:00
François Voron
dc15309b09 Fix ImportError when redis optional dependency not installed 2021-12-30 15:47:31 +01:00
François Voron
925dad5207 Bump version: 8.1.4 → 9.0.0 2021-12-30 15:25:51 +01:00
François Voron
c4de66b81c Revamp authentication (#831)
* Implement Transport classes

* Implement authentication strategy classes

* Revamp authentication with Transport and Strategy

* Revamp strategy and OAuth so that they can use a callable dependency

* Update docstring

* Make ErrorCode a proper Enum and cleanup unused OpenAPI utils

* Remove useless check

* Tweak typing in authenticator

* Update docs

* Improve logout/destroy token logic

* Update docs

* Update docs

* Update docs and full examples

* Apply formatting to examples

* Update OAuth doc and examples

* Add migration doc

* Implement Redis session token

* Add Redis Session documentation

* RedisSession -> Redis

* Fix links in docs
2021-12-30 15:22:07 +01:00
François Voron
72ab480aba Bump version: 8.1.3 → 8.1.4 2021-12-29 13:25:42 +01:00
Matyáš Richter
2e8f1f2eb2 Fixed #823 (#824)
* Added a failing test for the multi-oauth-router issue

* Fixed the #823 regression.

Using a regex for the backend name validation instead of an enum.

* Fixed formatting errors

* Moved the `AuthenticationBackendName` enum to `Authenticator`

This prevents an issue with OpenAPI schema generation caused by two
endpoints accepting a parameter with a duplicate name.
2021-12-29 13:25:15 +01:00
François Voron
e0ae193848 Bump version: 8.1.2 → 8.1.3 2021-12-07 15:04:27 +01:00
Matyáš Richter
c759bb6915 Extending generated OpenAPI docs (#799)
* Added login endpoint docs

* make format

* Changed login route into multiple examples.

* Added reset password router docs

* Updated /{id} routes for user

* Updated /me routes

* Fixed user already exists response description

* Updated the /register route

* Updated verify routes

* Updated oauth2 endpoints.

* Applied `make format`

* Renamed Authentication methods for getting their openapi schemas

- `get_login_responses_success` -> `get_openapi_login_responses_success`
- `get_logout_responses_success` -> `get_openapi_logout_responses_success`

* Fixed flake8 errors

* Not using `Final` to keep python37 compatibility

Co-authored-by: François Voron <fvoron@gmail.com>
2021-11-23 13:13:51 +01:00
Matyáš Richter
48d1be87a4 Added codestyle check and lint to the build action (#798)
* Applied `make format`

* Added format-check to makefile

* Added a "Check codestyle" step to the build action.

* Rerun `make format`

* Added a "lint" target to makefile

* Added lint step to the build action

* Added W503 to the list of ignored flake8 errors.

See https://www.flake8rules.com/rules/W503.html
2021-11-23 08:13:11 +01:00
Matyáš Richter
f578a01a8b Updated OAuth2 router generator for better OpenAPI docs (#793)
* Added OAuth2 authorize route response_model

* Changed OAuth2 "authorize" route backend param type.

On OAuth2 router creation, an enum is created for the `authentication_backend` parameter. This allows us to generate OpenAPI docs correctly.

* Reformatted with "make format"

* Updated OAuth2 authorize url docs

- /authorize now returns 422 instead of 400 for an invalid authentication backend
2021-11-10 07:55:40 +01:00
Ikko Ashimine
4d28d7d6ba Fix typo in manager.py (#791)
successfull -> successful
2021-11-07 13:24:51 +01:00
François Voron
9d064a5325 Bump version: 8.1.1 → 8.1.2 2021-11-07 11:33:39 +01:00
jakemanger
9eb49482c7 Users now become unverified when email is changed (#783)
* Users now become unverified when email is changed

Occurs when updating user.email to a new value

* changed wording
2021-11-07 10:04:06 +01:00
PovilasK
1e40104ed5 Remove duplicate (#777)
Remove duplicate `user_db_model`
2021-11-02 08:13:24 +01:00
Brandon H. Goding
0c45cbc179 Add a name on every route #762 (#774)
* Names for urls added

* Tests for Login/Logout Names

* Register Name Test

* tests/test_router_reset.py

* Tests to verify url names in users router

* Test Verify Router Names

* oauth routes updated with prefix

* Test for authorize.  Didn't right test for callback as covered under other tests
2021-11-02 08:12:43 +01:00
Yasser Tahiri
872b85de03 Code Expression (#1) (#767)
* Replace unused `for` index with underscore

* Use `items()` to directly unpack dictionary values

* Merge duplicate blocks in conditional

* Use `any()` instead of for loop

* Format __init__.py
2021-10-16 09:29:34 +02:00
François Voron
057cf48fe1 Bump version: 8.1.0 → 8.1.1 2021-10-11 08:16:48 +02:00
maximka1221
b33371542f Fixed bug with custom reset token audience.
When adding a custom reset token audience, we still use the default one in the creation of the JWT token instead of the custom one.
2021-09-23 12:54:13 +03:00
François Voron
0826ec5299 Bump version: 8.0.0 → 8.1.0 2021-09-21 08:35:06 +02:00
François Voron
eb47dc8e75 Pass user_manager instance in get_login_response/get_logout_response 2021-09-21 08:28:25 +02:00
François Voron
e819bb0b65 Add get_enabled_backends advanced feature 2021-09-21 08:20:07 +02:00
François Voron
a82dfc262d Bump version: 8.0.0b3 → 8.0.0 2021-09-20 08:51:50 +02:00
François Voron
ab06778adf Fix #733: don't raise error when updating user with same email 2021-09-20 08:49:19 +02:00
François Voron
5a4e57c206 Bump version: 8.0.0b2 → 8.0.0b3 2021-09-20 07:49:05 +02:00
François Voron
e31a0a99b5 Bump version: 8.0.0b1 → 8.0.0b2 2021-09-17 11:25:35 +02:00
François Voron
69f18cff47 Put user_db_model as attribute of UserManager 2021-09-17 11:24:49 +02:00
François Voron
913cd5cb2a Bump version: 7.0.0 → 8.0.0b1 2021-09-17 10:30:27 +02:00
François Voron
a8638118f6 Export BaseUserManager from main module 2021-09-15 16:13:06 +02:00
François Voron
eda3676fd0 Small tweaks 2021-09-15 16:11:53 +02:00
François Voron
018771cf73 Add manager docstrings 2021-09-15 16:00:58 +02:00
François Voron
de86456af2 Add some manager tests 2021-09-15 15:20:28 +02:00
François Voron
5cba969679 Refactor verify logic into manager 2021-09-15 14:36:04 +02:00
François Voron
3bdae94869 Refactor OAuth logic into manager 2021-09-15 11:57:17 +02:00
François Voron
9673e0a5fd Move on_after_update to manager 2021-09-15 09:34:28 +02:00
François Voron
663b7405a7 Move forgot/reset password logic to manager 2021-09-15 09:13:11 +02:00
François Voron
38d4aed817 Move on_after_register to manager 2021-09-14 15:02:17 +02:00
François Voron
8967138375 Inject a user manager dep callable directly to FastAPIUsers 2021-09-14 14:39:59 +02:00
François Voron
480a6bc4df Move validate_password into UserManager 2021-09-14 14:01:57 +02:00
François Voron
fdc8e54253 Improve generic typing 2021-09-14 11:53:43 +02:00
François Voron
dade8c263d Revamp implementation with a manager layer and db class as dependency callable 2021-09-14 11:12:34 +02:00