Merge branch '0.16' into feat/cache-control-jwks

Author: KShivendu

.circleci/config_continue.yml

@@ -79,6 +79,22 @@ jobs:
       - run: make with-django2x
       - run: (cd .circleci/ && ./websiteDjango2x.sh)
       - slack/status
+  test-website-flask-nest-asyncio:
+    docker:
+      - image: rishabhpoddar/supertokens_python_driver_testing
+    resource_class: large
+    environment:
+      SUPERTOKENS_NEST_ASYNCIO: "1"
+    steps:
+      - checkout
+      - run: update-alternatives --install "/usr/bin/java" "java" "/usr/java/jdk-15.0.1/bin/java" 2
+      - run: update-alternatives --install "/usr/bin/javac" "javac" "/usr/java/jdk-15.0.1/bin/javac" 2
+      - run: git config --global url."https://github.com/".insteadOf ssh://[email protected]/
+      - run: echo "127.0.0.1 localhost.org" >> /etc/hosts
+      - run: make with-flask
+      - run: python -m pip install nest-asyncio
+      - run: (cd .circleci/ && ./websiteFlask.sh)
+      - slack/status
   test-authreact-fastapi:
     docker:
       - image: rishabhpoddar/supertokens_python_driver_testing

CHANGELOG.md

@@ -8,7 +8,26 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [0.16.2] - 2023-09-20
 
+- Allow use of [nest-asyncio](https://pypi.org/project/nest-asyncio/) when env var `SUPERTOKENS_NEST_ASYNCIO=1`.
+- Retry Querier request on `AsyncLibraryNotFoundError`
+
+## [0.16.1] - 2023-09-19
+- Handle AWS Public URLs (ending with `.amazonaws.com`) separately while extracting TLDs for SameSite attribute.
+
+
+## [0.16.0] - 2023-09-13
+
+
+### Added
+
+-   The Dashboard recipe now accepts a new `admins` property which can be used to give Dashboard Users write privileges for the user dashboard.
+
+### Changes
+
+-   Dashboard APIs now return a status code `403` for all non-GET requests if the currently logged in Dashboard User is not listed in the `admins` array
+- Now ignoring protected props in the payload in `create_new_session` and `create_new_session_without_request_response`
 
 ## [0.15.3] - 2023-09-25
 
@@ -529,6 +548,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
             }
         }
         ```
+### SDK and core compatibility
+
+- Compatible with Core>=6.0.0 (CDI 4.0)
+- Compatible with frontend SDKs:
+    - supertokens-auth-react@0.34.0
+    - supertokens-web-js@0.7.0
+    - supertokens-website@17.0.2
+
 
 ## [0.14.8] - 2023-07-07
 ## Fixes

html/supertokens_python/async_to_sync_wrapper.html

@@ -42,22 +42,34 @@ <h1 class="title">Module <code>supertokens_python.async_to_sync_wrapper</code></
 
 import asyncio
 from typing import Any, Coroutine, TypeVar
+from os import getenv
 
 _T = TypeVar(&#34;_T&#34;)
 
 
-def check_event_loop():
+def nest_asyncio_enabled():
+    return getenv(&#34;SUPERTOKENS_NEST_ASYNCIO&#34;, &#34;&#34;) == &#34;1&#34;
+
+
+def create_or_get_event_loop() -&gt; asyncio.AbstractEventLoop:
     try:
-        asyncio.get_event_loop()
-    except RuntimeError as ex:
+        return asyncio.get_event_loop()
+    except Exception as ex:
         if &#34;There is no current event loop in thread&#34; in str(ex):
             loop = asyncio.new_event_loop()
+
+            if nest_asyncio_enabled():
+                import nest_asyncio  # type: ignore
+
+                nest_asyncio.apply(loop)  # type: ignore
+
             asyncio.set_event_loop(loop)
+            return loop
+        raise ex
 
 
 def sync(co: Coroutine[Any, Any, _T]) -&gt; _T:
-    check_event_loop()
-    loop = asyncio.get_event_loop()
+    loop = create_or_get_event_loop()
     return loop.run_until_complete(co)</code></pre>
 </details>
 </section>
@@ -68,22 +80,43 @@ <h1 class="title">Module <code>supertokens_python.async_to_sync_wrapper</code></
 <section>
 <h2 class="section-title" id="header-functions">Functions</h2>
 <dl>
-<dt id="supertokens_python.async_to_sync_wrapper.check_event_loop"><code class="name flex">
-<span>def <span class="ident">check_event_loop</span></span>(<span>)</span>
+<dt id="supertokens_python.async_to_sync_wrapper.create_or_get_event_loop"><code class="name flex">
+<span>def <span class="ident">create_or_get_event_loop</span></span>(<span>) ‑> asyncio.events.AbstractEventLoop</span>
 </code></dt>
 <dd>
 <div class="desc"></div>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
-<pre><code class="python">def check_event_loop():
+<pre><code class="python">def create_or_get_event_loop() -&gt; asyncio.AbstractEventLoop:
     try:
-        asyncio.get_event_loop()
-    except RuntimeError as ex:
+        return asyncio.get_event_loop()
+    except Exception as ex:
         if &#34;There is no current event loop in thread&#34; in str(ex):
             loop = asyncio.new_event_loop()
-            asyncio.set_event_loop(loop)</code></pre>
+
+            if nest_asyncio_enabled():
+                import nest_asyncio  # type: ignore
+
+                nest_asyncio.apply(loop)  # type: ignore
+
+            asyncio.set_event_loop(loop)
+            return loop
+        raise ex</code></pre>
+</details>
+</dd>
+<dt id="supertokens_python.async_to_sync_wrapper.nest_asyncio_enabled"><code class="name flex">
+<span>def <span class="ident">nest_asyncio_enabled</span></span>(<span>)</span>
+</code></dt>
+<dd>
+<div class="desc"></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">def nest_asyncio_enabled():
+    return getenv(&#34;SUPERTOKENS_NEST_ASYNCIO&#34;, &#34;&#34;) == &#34;1&#34;</code></pre>
 </details>
 </dd>
 <dt id="supertokens_python.async_to_sync_wrapper.sync"><code class="name flex">
@@ -96,8 +129,7 @@ <h2 class="section-title" id="header-functions">Functions</h2>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def sync(co: Coroutine[Any, Any, _T]) -&gt; _T:
-    check_event_loop()
-    loop = asyncio.get_event_loop()
+    loop = create_or_get_event_loop()
     return loop.run_until_complete(co)</code></pre>
 </details>
 </dd>
@@ -119,7 +151,8 @@ <h2>Index</h2>
 </li>
 <li><h3><a href="#header-functions">Functions</a></h3>
 <ul class="">
-<li><code><a title="supertokens_python.async_to_sync_wrapper.check_event_loop" href="#supertokens_python.async_to_sync_wrapper.check_event_loop">check_event_loop</a></code></li>
+<li><code><a title="supertokens_python.async_to_sync_wrapper.create_or_get_event_loop" href="#supertokens_python.async_to_sync_wrapper.create_or_get_event_loop">create_or_get_event_loop</a></code></li>
+<li><code><a title="supertokens_python.async_to_sync_wrapper.nest_asyncio_enabled" href="#supertokens_python.async_to_sync_wrapper.nest_asyncio_enabled">nest_asyncio_enabled</a></code></li>
 <li><code><a title="supertokens_python.async_to_sync_wrapper.sync" href="#supertokens_python.async_to_sync_wrapper.sync">sync</a></code></li>
 </ul>
 </li>

html/supertokens_python/constants.html

@@ -42,7 +42,7 @@ <h1 class="title">Module <code>supertokens_python.constants</code></h1>
 from __future__ import annotations
 
 SUPPORTED_CDI_VERSIONS = [&#34;3.0&#34;]
-VERSION = &#34;0.15.2&#34;
+VERSION = &#34;0.16.2&#34;
 TELEMETRY = &#34;/telemetry&#34;
 USER_COUNT = &#34;/users/count&#34;
 USER_DELETE = &#34;/user/remove&#34;
@@ -56,7 +56,8 @@ <h1 class="title">Module <code>supertokens_python.constants</code></h1>
 API_VERSION = &#34;/apiversion&#34;
 API_VERSION_HEADER = &#34;cdi-version&#34;
 DASHBOARD_VERSION = &#34;0.7&#34;
-HUNDRED_YEARS_IN_MS = 3153600000000</code></pre>
+HUNDRED_YEARS_IN_MS = 3153600000000
+RATE_LIMIT_STATUS_CODE = 429</code></pre>
 </details>
 </section>
 <section>

html/supertokens_python/framework/django/django_request.html

@@ -57,6 +57,9 @@ <h1 class="title">Module <code>supertokens_python.framework.django.django_reques
         super().__init__()
         self.request = request
 
+    def get_original_url(self) -&gt; str:
+        return self.request.get_raw_uri()
+
     def get_query_param(
         self, key: str, default: Union[str, None] = None
     ) -&gt; Union[str, None]:
@@ -126,6 +129,9 @@ <h2 class="section-title" id="header-classes">Classes</h2>
         super().__init__()
         self.request = request
 
+    def get_original_url(self) -&gt; str:
+        return self.request.get_raw_uri()
+
     def get_query_param(
         self, key: str, default: Union[str, None] = None
     ) -&gt; Union[str, None]:
@@ -217,6 +223,19 @@ <h3>Methods</h3>
     return self.request.META.get(key.upper())</code></pre>
 </details>
 </dd>
+<dt id="supertokens_python.framework.django.django_request.DjangoRequest.get_original_url"><code class="name flex">
+<span>def <span class="ident">get_original_url</span></span>(<span>self) ‑> str</span>
+</code></dt>
+<dd>
+<div class="desc"></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">def get_original_url(self) -&gt; str:
+    return self.request.get_raw_uri()</code></pre>
+</details>
+</dd>
 <dt id="supertokens_python.framework.django.django_request.DjangoRequest.get_path"><code class="name flex">
 <span>def <span class="ident">get_path</span></span>(<span>self) ‑> str</span>
 </code></dt>
@@ -348,6 +367,7 @@ <h4><code><a title="supertokens_python.framework.django.django_request.DjangoReq
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.form_data" href="#supertokens_python.framework.django.django_request.DjangoRequest.form_data">form_data</a></code></li>
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_cookie" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_cookie">get_cookie</a></code></li>
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_header" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_header">get_header</a></code></li>
+<li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_original_url" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_original_url">get_original_url</a></code></li>
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_path" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_path">get_path</a></code></li>
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_query_param" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_query_param">get_query_param</a></code></li>
 <li><code><a title="supertokens_python.framework.django.django_request.DjangoRequest.get_query_params" href="#supertokens_python.framework.django.django_request.DjangoRequest.get_query_params">get_query_params</a></code></li>

html/supertokens_python/framework/fastapi/fastapi_request.html

@@ -56,6 +56,9 @@ <h1 class="title">Module <code>supertokens_python.framework.fastapi.fastapi_requ
         super().__init__()
         self.request = request
 
+    def get_original_url(self) -&gt; str:
+        return self.request.url.components.geturl()
+
     def get_query_param(
         self, key: str, default: Union[str, None] = None
     ) -&gt; Union[str, None]:
@@ -126,6 +129,9 @@ <h2 class="section-title" id="header-classes">Classes</h2>
         super().__init__()
         self.request = request
 
+    def get_original_url(self) -&gt; str:
+        return self.request.url.components.geturl()
+
     def get_query_param(
         self, key: str, default: Union[str, None] = None
     ) -&gt; Union[str, None]:
@@ -218,6 +224,19 @@ <h3>Methods</h3>
     return self.request.headers.get(key, None)</code></pre>
 </details>
 </dd>
+<dt id="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_original_url"><code class="name flex">
+<span>def <span class="ident">get_original_url</span></span>(<span>self) ‑> str</span>
+</code></dt>
+<dd>
+<div class="desc"></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">def get_original_url(self) -&gt; str:
+    return self.request.url.components.geturl()</code></pre>
+</details>
+</dd>
 <dt id="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_path"><code class="name flex">
 <span>def <span class="ident">get_path</span></span>(<span>self) ‑> str</span>
 </code></dt>
@@ -350,6 +369,7 @@ <h4><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApi
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.form_data" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.form_data">form_data</a></code></li>
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_cookie" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_cookie">get_cookie</a></code></li>
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_header" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_header">get_header</a></code></li>
+<li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_original_url" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_original_url">get_original_url</a></code></li>
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_path" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_path">get_path</a></code></li>
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_query_param" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_query_param">get_query_param</a></code></li>
 <li><code><a title="supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_query_params" href="#supertokens_python.framework.fastapi.fastapi_request.FastApiRequest.get_query_params">get_query_params</a></code></li>

html/supertokens_python/framework/flask/flask_request.html

@@ -55,6 +55,9 @@ <h1 class="title">Module <code>supertokens_python.framework.flask.flask_request<
         super().__init__()
         self.request = req
 
+    def get_original_url(self) -&gt; str:
+        return self.request.url
+
     def get_query_param(self, key: str, default: Union[str, None] = None):
         return self.request.args.get(key, default)
 
@@ -133,6 +136,9 @@ <h2 class="section-title" id="header-classes">Classes</h2>
         super().__init__()
         self.request = req
 
+    def get_original_url(self) -&gt; str:
+        return self.request.url
+
     def get_query_param(self, key: str, default: Union[str, None] = None):
         return self.request.args.get(key, default)
 
@@ -233,6 +239,19 @@ <h3>Methods</h3>
     return self.request.headers.get(key)  # type: ignore</code></pre>
 </details>
 </dd>
+<dt id="supertokens_python.framework.flask.flask_request.FlaskRequest.get_original_url"><code class="name flex">
+<span>def <span class="ident">get_original_url</span></span>(<span>self) ‑> str</span>
+</code></dt>
+<dd>
+<div class="desc"></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">def get_original_url(self) -&gt; str:
+    return self.request.url</code></pre>
+</details>
+</dd>
 <dt id="supertokens_python.framework.flask.flask_request.FlaskRequest.get_path"><code class="name flex">
 <span>def <span class="ident">get_path</span></span>(<span>self) ‑> str</span>
 </code></dt>
@@ -371,6 +390,7 @@ <h4><code><a title="supertokens_python.framework.flask.flask_request.FlaskReques
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.form_data" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.form_data">form_data</a></code></li>
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_cookie" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_cookie">get_cookie</a></code></li>
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_header" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_header">get_header</a></code></li>
+<li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_original_url" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_original_url">get_original_url</a></code></li>
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_path" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_path">get_path</a></code></li>
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_query_param" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_query_param">get_query_param</a></code></li>
 <li><code><a title="supertokens_python.framework.flask.flask_request.FlaskRequest.get_query_params" href="#supertokens_python.framework.flask.flask_request.FlaskRequest.get_query_params">get_query_params</a></code></li>

html/supertokens_python/framework/request.html

@@ -53,6 +53,10 @@ <h1 class="title">Module <code>supertokens_python.framework.request</code></h1>
         self.wrapper_used = True
         self.request = None
 
+    @abstractmethod
+    def get_original_url(self) -&gt; str:
+        pass
+
     @abstractmethod
     def get_query_param(
         self, key: str, default: Union[str, None] = None
@@ -127,6 +131,10 @@ <h2 class="section-title" id="header-classes">Classes</h2>
         self.wrapper_used = True
         self.request = None
 
+    @abstractmethod
+    def get_original_url(self) -&gt; str:
+        pass
+
     @abstractmethod
     def get_query_param(
         self, key: str, default: Union[str, None] = None
@@ -230,6 +238,20 @@ <h3>Methods</h3>
     pass</code></pre>
 </details>
 </dd>
+<dt id="supertokens_python.framework.request.BaseRequest.get_original_url"><code class="name flex">
+<span>def <span class="ident">get_original_url</span></span>(<span>self) ‑> str</span>
+</code></dt>
+<dd>
+<div class="desc"></div>
+<details class="source">
+<summary>
+<span>Expand source code</span>
+</summary>
+<pre><code class="python">@abstractmethod
+def get_original_url(self) -&gt; str:
+    pass</code></pre>
+</details>
+</dd>
 <dt id="supertokens_python.framework.request.BaseRequest.get_path"><code class="name flex">
 <span>def <span class="ident">get_path</span></span>(<span>self) ‑> str</span>
 </code></dt>
@@ -372,6 +394,7 @@ <h4><code><a title="supertokens_python.framework.request.BaseRequest" href="#sup
 <li><code><a title="supertokens_python.framework.request.BaseRequest.form_data" href="#supertokens_python.framework.request.BaseRequest.form_data">form_data</a></code></li>
 <li><code><a title="supertokens_python.framework.request.BaseRequest.get_cookie" href="#supertokens_python.framework.request.BaseRequest.get_cookie">get_cookie</a></code></li>
 <li><code><a title="supertokens_python.framework.request.BaseRequest.get_header" href="#supertokens_python.framework.request.BaseRequest.get_header">get_header</a></code></li>
+<li><code><a title="supertokens_python.framework.request.BaseRequest.get_original_url" href="#supertokens_python.framework.request.BaseRequest.get_original_url">get_original_url</a></code></li>
 <li><code><a title="supertokens_python.framework.request.BaseRequest.get_path" href="#supertokens_python.framework.request.BaseRequest.get_path">get_path</a></code></li>
 <li><code><a title="supertokens_python.framework.request.BaseRequest.get_query_param" href="#supertokens_python.framework.request.BaseRequest.get_query_param">get_query_param</a></code></li>
 <li><code><a title="supertokens_python.framework.request.BaseRequest.get_query_params" href="#supertokens_python.framework.request.BaseRequest.get_query_params">get_query_params</a></code></li>