removes overwrite session flag #533

Merged
merged 1 commit into from
Oct 15, 2024
24 changes: 6 additions & 18 deletions supertokens_python/auth_utils.py
Expand Up @@ -21,7 +21,6 @@
)
from supertokens_python.recipe.multitenancy.asyncio import associate_user_to_tenant
from supertokens_python.recipe.session.interfaces import SessionContainer
from supertokens_python.recipe.session.recipe import SessionRecipe
from supertokens_python.recipe.session.asyncio import create_new_session, get_session
from supertokens_python.recipe.thirdparty.types import ThirdPartyInfo
from supertokens_python.types import (
Expand Down Expand Up @@ -249,17 +248,13 @@ async def post_auth_checks(
# If the new user wasn't linked to the current one, we check the config and overwrite the session if required
# Note: we could also get here if MFA is enabled, but the app didn't want to link the user to the session user.
# This is intentional, since the MFA and overwriteSessionDuringSignInUp configs should work independently.
overwrite_session_during_sign_in_up = (
SessionRecipe.get_instance().config.overwrite_session_during_sign_in_up
resp_session = await create_new_session(
request, tenant_id, recipe_user_id, {}, {}, user_context
)
if overwrite_session_during_sign_in_up:
resp_session = await create_new_session(
request, tenant_id, recipe_user_id, {}, {}, user_context
if mfa_instance is not None:
await mark_factor_as_complete_in_session(
resp_session, factor_id, user_context
)
if mfa_instance is not None:
await mark_factor_as_complete_in_session(
resp_session, factor_id, user_context
)
else:
log_debug_message("postAuthChecks creating session for first factor sign in/up")
# If there is no input session, we do not need to do anything other checks and create a new session
Expand Down Expand Up @@ -993,14 +988,7 @@ async def load_session_in_auth_api_if_needed(
user_context: Dict[str, Any],
) -> Optional[SessionContainer]:

overwrite_session_during_sign_in_up = (
SessionRecipe.get_instance().config.overwrite_session_during_sign_in_up
)

if (
should_try_linking_with_session_user is not False
or not overwrite_session_during_sign_in_up
):
if should_try_linking_with_session_user is not False:
return await get_session(
request,
session_required=should_try_linking_with_session_user is True,
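Review bot: The comment that opens the `post_auth_checks` hunk still says "we check the config and overwrite the session if required" and names `overwriteSessionDuringSignInUp`, yet the code below it now calls `create_new_session` unconditionally, so it describes a check that no longer exists. The +/- markers are lost in this rendering, but the hunk's line counts suggest those three comment lines are unchanged context. Because this branch decides whether an existing session is replaced during sign in/up, I would reword it to `# If the new user wasn't linked to the current one, we always overwrite the session with a new one for this user.` and drop the sentence about the MFA and overwriteSessionDuringSignInUp configs working independently. `load_session_in_auth_api_if_needed` would also benefit from a one-line docstring saying that `get_session` is only called when `should_try_linking_with_session_user` is not False. Both functions extend beyond the visible hunks, so what happens on the other paths is not shown here.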
2 changes: 0 additions & 2 deletions supertokens_python/recipe/session/__init__.py
Expand Up @@ -52,7 +52,6 @@ def init(
use_dynamic_access_token_signing_key: Union[bool, None] = None,
expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
jwks_refresh_interval_sec: Union[int, None] = None,
overwrite_session_during_sign_in_up: Union[bool, None] = None,
) -> Callable[[AppInfo], RecipeModule]:
return SessionRecipe.init(
cookie_domain,
Expand All @@ -68,5 +67,4 @@ def init(
use_dynamic_access_token_signing_key,
expose_access_token_to_frontend_in_cookie_based_auth,
jwks_refresh_interval_sec,
overwrite_session_during_sign_in_up,
)
4 changes: 0 additions & 4 deletions supertokens_python/recipe/session/recipe.py
Expand Up @@ -93,7 +93,6 @@ def __init__(
use_dynamic_access_token_signing_key: Union[bool, None] = None,
expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
jwks_refresh_interval_sec: Union[int, None] = None,
overwrite_session_during_sign_in_up: Union[bool, None] = None,
):
super().__init__(recipe_id, app_info)
self.config = validate_and_normalise_user_input(
Expand All @@ -111,7 +110,6 @@ def __init__(
use_dynamic_access_token_signing_key,
expose_access_token_to_frontend_in_cookie_based_auth,
jwks_refresh_interval_sec,
overwrite_session_during_sign_in_up,
)
self.openid_recipe = OpenIdRecipe(
recipe_id,
Expand Down Expand Up @@ -312,7 +310,6 @@ def init(
use_dynamic_access_token_signing_key: Union[bool, None] = None,
expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
jwks_refresh_interval_sec: Union[int, None] = None,
overwrite_session_during_sign_in_up: Union[bool, None] = None,
):
def func(app_info: AppInfo):
if SessionRecipe.__instance is None:
Expand All @@ -332,7 +329,6 @@ def func(app_info: AppInfo):
use_dynamic_access_token_signing_key,
expose_access_token_to_frontend_in_cookie_based_auth,
jwks_refresh_interval_sec,
overwrite_session_during_sign_in_up,
)
return SessionRecipe.__instance
raise_general_exception(
8 changes: 0 additions & 8 deletions supertokens_python/recipe/session/utils.py
Expand Up @@ -391,7 +391,6 @@ def __init__(
use_dynamic_access_token_signing_key: bool,
expose_access_token_to_frontend_in_cookie_based_auth: bool,
jwks_refresh_interval_sec: int,
overwrite_session_during_sign_in_up: bool,
):
self.session_expired_status_code = session_expired_status_code
self.invalid_claim_status_code = invalid_claim_status_code
Expand All @@ -412,7 +411,6 @@ def __init__(
self.framework = framework
self.mode = mode
self.jwks_refresh_interval_sec = jwks_refresh_interval_sec
self.overwrite_session_during_sign_in_up = overwrite_session_during_sign_in_up


def validate_and_normalise_user_input(
Expand All @@ -436,7 +434,6 @@ def validate_and_normalise_user_input(
use_dynamic_access_token_signing_key: Union[bool, None] = None,
expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
jwks_refresh_interval_sec: Union[int, None] = None,
overwrite_session_during_sign_in_up: Union[bool, None] = None,
):
_ = cookie_same_site # we have this otherwise pylint complains that cookie_same_site is unused, but it is being used in the get_cookie_same_site function.
if anti_csrf not in {"VIA_TOKEN", "VIA_CUSTOM_HEADER", "NONE", None}:
Expand Down Expand Up @@ -564,11 +561,6 @@ def anti_csrf_function(
use_dynamic_access_token_signing_key,
expose_access_token_to_frontend_in_cookie_based_auth,
jwks_refresh_interval_sec,
(
overwrite_session_during_sign_in_up
if overwrite_session_during_sign_in_up is not None
else False
),
)


5 changes: 1 addition & 4 deletions tests/test-server/app.py
Expand Up @@ -301,9 +301,6 @@ async def custom_unauthorised_callback(
use_dynamic_access_token_signing_key=recipe_config_json.get(
"useDynamicAccessTokenSigningKey"
),
overwrite_session_during_sign_in_up=recipe_config_json.get(
"overwriteSessionDuringSignInUp", None
),
override=session.InputOverrideConfig(
apis=override_builder_with_logging(
"Session.override.apis",
Expand Down Expand Up @@ -703,7 +700,7 @@ def override_params():

@app.route("/test/featureflag", methods=["GET"]) # type: ignore
def feature_flag():
return jsonify([])
return jsonify(["removedOverwriteSessionDuringSignInUp"])


@app.route("/test/resetoverrideparams", methods=["POST"]) # type: ignore