Supertokens-python

Latest version: v0.22.1

Safety actively analyzes 638452 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 13 of 18

0.10.0

- Update tests to cover `resend_code` feature in `passwordless` and `thirdpartypasswordless` recipe.
- Update usermetadata tests to ensure that utf8 chars are supported.
- Mark tests as skipped if core version requirements are not met.
- Use [black](https://github.com/psf/black) instead of `autopep8` to format code.
- Add frontend integration tests for `django2x`

Bug fix:

- Clears cookies when `revoke_session` is called using the session container, even if the session did not exist from before: https://github.com/supertokens/supertokens-node/issues/343

Breaking changes:
- Change request arg type in session recipe functions from Any to BaseRequest.
- Changes session function recipe interfaces to not throw an `UNAUTHORISED` error when the input is a session_handle: https://github.com/supertokens/backend/issues/83
- `get_session_information` now returns `None` if the session does not exist.
- `update_session_data` now returns `False` if the input `session_handle` does not exist.
- `update_access_token_payload` now returns `False` if the input `session_handle` does not exist.
- `regenerate_access_token` now returns `None` if the input access token's `session_handle` does not exist.
- The `session_class` functions have not changed in behaviour and still throw `UNAUTHORISED` error. This works cause the `session_class` works on the current session and not some other session.


Features:
- Adds default `user_context` for API calls that contains the request object. It can be used in APIs / functions override like this:

python
def apis_override_email_password(param: APIInterface):
og_sign_in_post = param.sign_in_post

async def sign_in_post(
form_fields: List[FormField],
api_options: APIOptions,
user_context: Dict[str, Any],
):
req = user_context.get("_default", {}).get("request")
if req:
do something with the request

return await og_sign_in_post(form_fields, api_options, user_context)

param.sign_in_post = sign_in_post
return param

def functions_override_email_password(param: RecipeInterface):
og_sign_in = param.sign_in

async def sign_in(email: str, password: str, user_context: Dict[str, Any]):
req = user_context.get("_default", {}).get("request")
if req:
do something with the request

return await og_sign_in(email, password, user_context)

param.sign_in = sign_in
return param

init(
...,
recipe_list=[
emailpassword.init(
override=emailpassword.InputOverrideConfig(
apis=apis_override_email_password,
functions=functions_override_email_password,
)
),
session.init(),
],
)



Documentation
- Add more details in the `CONTRIBUTING.md` to make it beginner friendly.

0.9.1

Features:

- Introduce `userroles` recipe.
python
from supertokens_python import InputAppInfo, SupertokensConfig, init
from supertokens_python.recipe import userroles
from supertokens_python.recipe.userroles.asyncio import create_new_role_or_add_permissions, add_role_to_user

init(
supertokens_config=SupertokensConfig('http://localhost:3567'),
app_info=InputAppInfo(
app_name='SuperTokens Demo',
api_domain='https://api.supertokens.io',
website_domain='supertokens.io'
),
framework='flask',
recipe_list=[userroles.init()]
)

user_id = "userId"
role = "role"
permissions = ["perm1", "perm2"]

Functions to use inside your views:
Create a new role with a few permissions:
result = await create_new_role_or_add_permissions(role, permissions)
Add role to the user:
result = await add_role_to_user(user_id, role)
Check documentation for more examples..

0.9.0

Fixes
- Fixes Cookie same_site config validation.
- Remove `<Recipe>(Email|SMS)TemplateVars` in favour of `(Email|SMS)TemplateVars` for better DX.

Breaking change
- https://github.com/supertokens/supertokens-node/issues/220
- Adds `{status: "GENERAL_ERROR", message: string}` as a possible output to all the APIs.
- Changes `FIELD_ERROR` output status in third party recipe API to be `GENERAL_ERROR`.
- Replaced `FIELD_ERROR` status type in third party signinup API with `GENERAL_ERROR`.
- Removed `FIELD_ERROR` status type from third party signinup recipe function.
- If sms or email sending failed in passwordless recipe APIs, we now throw a regular JS error from the API as opposed to returning a `GENERAL_ERROR` to the client.
- If there is an error whilst getting the profile info about a user from a third party provider (in /signinup POST API), then we throw a regular JS error instead of returning a `GENERAL_ERROR` to the client.
- Make email and sms delivery ingredient interfaces developer friendly:
- Remove the need of `SMSDeliveryTwilioConfig`, `EmailDeliverySMTPConfig`, and `SupertokensServiceConfig`.
- Export `(.*)OverrideInput` and `(Email|SMS)DeliveryOverrideInput` from the relevant recipes.
- Rename `Type<Recipe>EmailDeliveryInput` to `<Recipe>EmailTemplateVars`
- Export `EmailTemplateVars` (alias of `<Recipe>EmailTemplateVars`) from all the relevant recipes
- Export `PasswordlessLogin(Email|SMS)TemplateVars`, `PasswordResetEmailTemplateVars`, and `VerificationEmailTemplateVars` from relevant recipes.
- Rename `(.*)ServiceConfig` to `(.*)Settings` for readability.
- Rename arg `input_` to `template_vars` in `EmailDeliveryInterface.send_email` and `SMTPServiceInterface.send_sms` functions.
- Rename arg `input_` to `content` and `template_vars` in `SMTPServiceInterface.send_raw_email` and `SMTPServiceInterface.get_content` functions respectively.
- Rename arg `get_content_result` to `content` and `input_` to `template_vars` in `TwilioServiceInterface.send_raw_email` and `TwilioServiceInterface.get_content` functions respectively.
- Removes support for FDI < 1.14

Changes
- Changes `get_email_for_user_id` function inside thirdpartypasswordless to take into account passwordless emails and return an empty string in case a passwordless email doesn't exist. This helps situations where the dev wants to customise the email verification functions in the thirdpartypasswordless recipe.

0.8.4

Added

- `email_delivery` user config for Emailpassword, Thirdparty, ThirdpartyEmailpassword, Passwordless and ThirdpartyPasswordless recipes.
- `sms_delivery` user config for Passwordless and ThirdpartyPasswordless recipes.
- `Twilio` service integartion for `sms_delivery` ingredient.
- `SMTP` service integration for `email_delivery` ingredient.
- `Supertokens` service integration for `sms_delivery` ingredient.

Deprecated

- For Emailpassword recipe input config, `reset_password_using_token_feature.create_and_send_custom_email` and `email_verification_feature.create_and_send_custom_email` have been deprecated.
- For Thirdparty recipe input config, `email_verification_feature.create_and_send_custom_email` has been deprecated.
- For ThirdpartyEmailpassword recipe input config, `reset_password_using_token_feature.create_and_send_custom_email` and `email_verification_feature.create_and_send_custom_email` have been deprecated.
- For Passwordless recipe input config, `create_and_send_custom_email` and `createAndSendCustomTextMessage` have been deprecated.
- For ThirdpartyPasswordless recipe input config, `create_and_send_custom_email`, `createAndSendCustomTextMessage` and `email_verification_feature.create_and_send_custom_email` have been deprecated.


Migration

Following is an example of ThirdpartyPasswordless recipe migration. If your existing code looks like

python
from supertokens_python import InputAppInfo, SupertokensConfig, init
from supertokens_python.recipe import thirdpartypasswordless

async def send_pless_login_email(input_: TypePasswordlessEmailDeliveryInput, user_context: Dict[str, Any]):
print("SEND_PLESS_LOGIN_EMAIL", input_.email, input_.user_input_code)

async def send_pless_login_sms(input_: TypeThirdPartyPasswordlessSmsDeliveryInput, user_context: Dict[str, Any]):
print("SEND_PLESS_LOGIN_SMS", input_.phone_number, input_.user_input_code)

async def send_ev_verification_email(user: TpPlessUser, link: str, user_context: Any):
print("SEND_EV_LOGIN_SMS", user.email, user.phone_number, user.third_party_info)


init(
supertokens_config=SupertokensConfig('http://localhost:3567'),
app_info=InputAppInfo(
api_domain="...",
app_name="...",
website_domain="...",
),
framework='...',
recipe_list=[thirdpartypasswordless.init(
contact_config=passwordless.ContactEmailOrPhoneConfig(
create_and_send_custom_email=send_pless_login_email,
create_and_send_custom_text_message=send_pless_login_sms,
),
flow_type='...',
email_verification_feature=thirdpartypasswordless.InputEmailVerificationConfig(
create_and_send_custom_email=send_ev_verification_email,
)
)]
)


After migration to using new `email_delivery` and `sms_delivery` config, your code would look like:

python
from supertokens_python import InputAppInfo, SupertokensConfig, init
from supertokens_python.ingredients.emaildelivery.types import EmailDeliveryInterface, EmailDeliveryConfig
from supertokens_python.ingredients.smsdelivery.types import SMSDeliveryInterface, SMSDeliveryConfig
from supertokens_python.recipe import thirdpartypasswordless, passwordless

from supertokens_python.recipe.emailverification.types import TypeEmailVerificationEmailDeliveryInput


async def send_pless_login_email(input_: TypePasswordlessEmailDeliveryInput, user_context: Dict[str, Any]):
print("SEND_PLESS_LOGIN_EMAIL", input_.email, input_.user_input_code)

async def send_pless_login_sms(input_: TypeThirdPartyPasswordlessSmsDeliveryInput, user_context: Dict[str, Any]):
print("SEND_PLESS_LOGIN_SMS", input_.phone_number, input_.user_input_code)

async def send_ev_verification_email(user: TpPlessUser, link: str, user_context: Any):
print("SEND_EV_LOGIN_SMS", user.email, user.phone_number, user.third_party_info)


class EmailDeliveryService(EmailDeliveryInterface):
async def send_email(self, input_: TypeThirdPartyPasswordlessEmailDeliveryInput, user_context: Dict[str, Any]):
if isinstance(input_, TypeEmailVerificationEmailDeliveryInput):
await send_ev_verification_email(input_, user_context)
elif isinstance(input_, TypePasswordlessEmailDeliveryInput):
await send_pless_login_email(input_, user_context)

class SMSDeliveryService(SMSDeliveryInterface):
async def send_sms(self, input_: TypeThirdPartyPasswordlessSmsDeliveryInput, user_context: Dict[str, Any]):
await send_pless_login_sms(input_, user_context)

init(
supertokens_config=SupertokensConfig('http://localhost:3567'),
app_info=InputAppInfo(
app_name="...",
api_domain="...",
website_domain="...",
),
framework='...',
recipe_list=[thirdpartypasswordless.init(
contact_config=passwordless.ContactEmailOrPhoneConfig(),
flow_type='...',
email_delivery=EmailDeliveryConfig(
service=EmailDeliveryService(),
),
sms_delivery=SMSDeliveryConfig(
service=SMSDeliveryService(),
),
)]
)

0.8.3

- Fix bugs in syncio functions across all the recipes
- Fixes bug in resend code POST API in passwordless recipe to use the correct instance type during checks.
- Fixes bug in thirdpartypasswordless recipe to prevent infinite loop during resent code API

0.8.2

- Update phonenumbers lib dependency version
- Adds type checks to the parameters of the emailpassword init funtion.
- Adds type checks to the parameters of the emailverification init funtion.
- Adds type checks to the parameters of the jwt init funtion.
- Adds type checks to the parameters of the openid init funtion.
- Adds type checks to the parameters of the session init funtion.
- Adds type checks to the parameters of the passwordless init funtion.
- Adds type checks to the parameters of the thirdparty init funtion.
- Adds type checks to the parameters of the thirdpartyemailpassword init funtion.
- Adds type checks to the parameters of the thirdpartypasswordless init funtion.
- Adds type checks to the parameters of the usermetadata init funtion.
- Adds django with thirdpartyemailpassword example.

Page 13 of 18

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.