feat: Suggested changes

Author: KShivendu

supertokens_python/recipe/session/access_token.py

@@ -113,9 +113,7 @@ def get_info_from_access_token(
         if anti_csrf_token is None and do_anti_csrf_check:
             raise Exception("Access token does not contain the anti-csrf token")
 
-        assert isinstance(
-            expiry_time, (int, float)
-        )  # FIXME: Use only int once core is updated
+        assert isinstance(expiry_time, int)
 
         if expiry_time < get_timestamp_ms():
             raise Exception("Access token expired")
@@ -141,12 +139,8 @@ def validate_access_token_structure(payload: Dict[str, Any], version: int) -> No
     if version >= 3:
         if (
             not isinstance(payload.get("sub"), str)
-            or not isinstance(
-                payload.get("exp"), (int, float)
-            )  # TODO: Leave only int once core is updated
-            or not isinstance(
-                payload.get("iat"), (int, float)
-            )  # TODO: Leave only int once core is updated
+            or not isinstance(payload.get("exp"), int)
+            or not isinstance(payload.get("iat"), int)
             or not isinstance(payload.get("sessionHandle"), str)
             or not isinstance(payload.get("refreshTokenHash1"), str)
         ):

supertokens_python/recipe/session/asyncio/__init__.py

@@ -46,7 +46,7 @@
     refresh_session_in_request,
 )
 from supertokens_python.types import MaybeAwaitable
-from supertokens_python.utils import FRAMEWORKS, resolve, deprecated_warn
+from supertokens_python.utils import FRAMEWORKS, resolve
 from ..exceptions import InvalidClaimsError
 from ..utils import get_required_claim_validators
 from ...jwt.interfaces import (
@@ -487,23 +487,6 @@ async def update_session_data_in_database(
     )
 
 
-async def update_access_token_payload(
-    session_handle: str,
-    new_access_token_payload: Dict[str, Any],
-    user_context: Union[None, Dict[str, Any]] = None,
-) -> bool:
-    if user_context is None:
-        user_context = {}
-
-    deprecated_warn(
-        "update_access_token_payload is deprecated. Use merge_into_access_token_payload instead"
-    )
-
-    return await SessionRecipe.get_instance().recipe_implementation.update_access_token_payload(
-        session_handle, new_access_token_payload, user_context
-    )
-
-
 async def merge_into_access_token_payload(
     session_handle: str,
     new_access_token_payload: Dict[str, Any],

supertokens_python/recipe/session/interfaces.py

@@ -309,15 +309,6 @@ async def update_session_data_in_database(
     ) -> bool:
         pass
 
-    @abstractmethod
-    async def update_access_token_payload(
-        self,
-        session_handle: str,
-        new_access_token_payload: Dict[str, Any],
-        user_context: Dict[str, Any],
-    ) -> bool:
-        """DEPRECATED: Use merge_into_access_token_payload instead"""
-
     @abstractmethod
     async def merge_into_access_token_payload(
         self,

supertokens_python/recipe/session/recipe_implementation.py

@@ -104,14 +104,12 @@ async def create_new_session(
             result["accessToken"]["token"]
         ).payload
 
-        refresh_token = result.get("refreshToken")
-        refresh_token_info: Optional[TokenInfo] = None
-        if refresh_token is not None:
-            refresh_token_info = TokenInfo(
-                refresh_token["token"],
-                refresh_token["expiry"],
-                refresh_token["createdTime"],
-            )
+        refresh_token = result["refreshToken"]
+        refresh_token_info = TokenInfo(
+            refresh_token["token"],
+            refresh_token["expiry"],
+            refresh_token["createdTime"],
+        )
 
         new_session = Session(
             self,
@@ -315,14 +313,12 @@ async def refresh_session(
                 response["accessToken"]["token"]
             ).payload
 
-            new_refresh_token: Optional[Dict[str, Any]] = response.get("refreshToken")
-            new_refresh_token_info: Optional[TokenInfo] = None
-            if new_refresh_token is not None:
-                new_refresh_token_info = TokenInfo(
-                    new_refresh_token["token"],
-                    new_refresh_token["expiry"],
-                    new_refresh_token["createdTime"],
-                )
+            new_refresh_token: Dict[str, Any] = response["refreshToken"]
+            new_refresh_token_info = TokenInfo(
+                new_refresh_token["token"],
+                new_refresh_token["expiry"],
+                new_refresh_token["createdTime"],
+            )
 
             session = Session(
                 self,
@@ -388,17 +384,6 @@ async def update_session_data_in_database(
             self, session_handle, new_session_data
         )
 
-    async def update_access_token_payload(
-        self,
-        session_handle: str,
-        new_access_token_payload: Dict[str, Any],
-        user_context: Dict[str, Any],
-    ) -> bool:
-
-        return await session_functions.update_access_token_payload(
-            self, session_handle, new_access_token_payload
-        )
-
     async def merge_into_access_token_payload(
         self,
         session_handle: str,
@@ -417,8 +402,8 @@ async def merge_into_access_token_payload(
             if new_access_token_payload[k] is None:
                 del new_access_token_payload[k]
 
-        return await self.update_access_token_payload(
-            session_handle, new_access_token_payload, user_context
+        return await session_functions.update_access_token_payload(
+            self, session_handle, new_access_token_payload
         )
 
     async def fetch_and_set_claim(

supertokens_python/recipe/session/session_class.py

@@ -52,11 +52,7 @@ class Session(SessionContainer):
     async def attach_to_request_response(
         self, request: BaseRequest, transfer_method: TokenTransferMethod
     ) -> None:
-        if self.req_res_info is None:
-            self.req_res_info = ReqResInfo(request, transfer_method)
-        else:
-            self.req_res_info.request = request
-            self.req_res_info.transfer_method = transfer_method
+        self.req_res_info = ReqResInfo(request, transfer_method)
 
         if self.access_token_updated:
             self.response_mutators.append(

supertokens_python/recipe/session/session_request_functions.py

@@ -297,7 +297,6 @@ async def create_new_session_in_request(
         await result.session.attach_to_request_response(request, output_transfer_method)
         log_debug_message("createNewSession: Attached new tokens to res")
 
-    # request.set_session(result.session)
     return result.session
 
 

supertokens_python/recipe/session/syncio/__init__.py

@@ -165,22 +165,6 @@ def update_session_data_in_database(
     )
 
 
-def update_access_token_payload(
-    session_handle: str,
-    new_access_token_payload: Dict[str, Any],
-    user_context: Union[None, Dict[str, Any]] = None,
-) -> bool:
-    from supertokens_python.recipe.session.asyncio import (
-        update_access_token_payload as async_update_access_token_payload,
-    )
-
-    return sync(
-        async_update_access_token_payload(
-            session_handle, new_access_token_payload, user_context
-        )
-    )
-
-
 def merge_into_access_token_payload(
     session_handle: str,
     new_access_token_payload: Dict[str, Any],

tests/frontendIntegration/django2x/polls/views.py

@@ -36,7 +36,7 @@
     create_new_session,
     get_session,
     revoke_all_sessions_for_user,
-    update_access_token_payload,
+    merge_into_access_token_payload,
 )
 from typing_extensions import Literal
 
@@ -111,7 +111,7 @@ def wrapped_function(request: HttpRequest, *args, **kwargs):  # type: ignore
                 if value is not None and value.status_code != 200:
                     return value
                 session: SessionContainer = request.supertokens  # type: ignore
-                update_access_token_payload(
+                merge_into_access_token_payload(
                     session.get_handle(), json.loads(request.body)
                 )
                 resp = JsonResponse(session.get_access_token_payload())

tests/frontendIntegration/django3x/polls/views.py

@@ -41,7 +41,7 @@
     revoke_all_sessions_for_user,
 )
 from supertokens_python.recipe.session.framework.django.asyncio import verify_session
-from supertokens_python.recipe.session.asyncio import update_access_token_payload
+from supertokens_python.recipe.session.asyncio import merge_into_access_token_payload
 
 module_dir = os.path.dirname(__file__)  # get current directory
 file_path = os.path.join(module_dir, "../templates/index.html")
@@ -118,7 +118,7 @@ async def wrapped_function(request: HttpRequest, *args, **kwargs):  # type: igno
                 if value is not None and value.status_code != 200:
                     return value
                 session: SessionContainer = request.supertokens  # type: ignore
-                await update_access_token_payload(
+                await merge_into_access_token_payload(
                     session.get_handle(), json.loads(request.body)
                 )
                 resp = JsonResponse(session.get_access_token_payload())

tests/frontendIntegration/fastapi-server/app.py

@@ -38,7 +38,7 @@
     SessionRecipe,
     create_new_session,
     revoke_all_sessions_for_user,
-    update_access_token_payload,
+    merge_into_access_token_payload,
 )
 from supertokens_python.recipe.session.framework.fastapi import verify_session
 from supertokens_python.recipe.session.interfaces import APIInterface, RecipeInterface
@@ -302,7 +302,7 @@ async def update_jwt_post(
 async def update_jwt_with_handle_post(
     request: Request, _session: SessionContainer = Depends(verify_session())
 ):
-    await update_access_token_payload(_session.get_handle(), await request.json())
+    await merge_into_access_token_payload(_session.get_handle(), await request.json())
     return JSONResponse(
         content=_session.get_access_token_payload(),
         headers={"Cache-Control": "no-cache, private"},

tests/frontendIntegration/flask-server/app.py

@@ -11,31 +11,27 @@
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
-from typing import Any, Dict
-from supertokens_python.recipe.session.syncio import update_access_token_payload
-from supertokens_python.recipe.session.interfaces import APIInterface, RecipeInterface
-from supertokens_python.framework import BaseRequest, BaseResponse
 import json
 import os
 import sys
 from functools import wraps
-from typing import Union
-
-from typing_extensions import Literal
+from typing import Any, Dict, Union
 
 from flask import Flask, g, jsonify, make_response, render_template, request
 from flask.wrappers import Response
 from flask_cors import CORS
+from typing_extensions import Literal
+
 from supertokens_python import InputAppInfo, Supertokens, SupertokensConfig, init
+from supertokens_python.framework import BaseRequest, BaseResponse
 from supertokens_python.framework.flask.flask_middleware import Middleware
 from supertokens_python.recipe import session
-from supertokens_python.recipe.session import (
-    InputErrorHandlers,
-    SessionRecipe,
-)
+from supertokens_python.recipe.session import InputErrorHandlers, SessionRecipe
 from supertokens_python.recipe.session.framework.flask import verify_session
+from supertokens_python.recipe.session.interfaces import APIInterface, RecipeInterface
 from supertokens_python.recipe.session.syncio import (
     create_new_session,
+    merge_into_access_token_payload,
     revoke_all_sessions_for_user,
 )
 
@@ -316,7 +312,7 @@ def update_jwt():
 # @supertokens_middleware()
 def update_jwt_post():
     _session = g.supertokens
-    _session.sync_update_access_token_payload(request.get_json())
+    _session.sync_merge_access_token_payload(request.get_json())
     Test.increment_get_session()
     resp = make_response(_session.get_access_token_payload())
     resp.headers["Cache-Control"] = "no-cache, private"
@@ -327,7 +323,7 @@ def update_jwt_post():
 @verify_session()
 def update_jwt_with_handle_post():
     _session = g.supertokens
-    update_access_token_payload(_session.get_handle(), request.get_json())
+    merge_into_access_token_payload(_session.get_handle(), request.get_json())
     resp = make_response(_session.get_access_token_payload())
     resp.headers["Cache-Control"] = "no-cache, private"
     return resp

tests/test_session.py

@@ -38,7 +38,7 @@
     revoke_session as asyncio_revoke_session,
 )
 from supertokens_python.recipe.session.asyncio import (
-    update_access_token_payload,
+    merge_into_access_token_payload,
     update_session_data_in_database,
 )
 from supertokens_python.recipe.session.interfaces import RecipeInterface
@@ -215,7 +215,7 @@ async def test_creating_many_sessions_for_one_user_and_looping():
         assert info.user_id == "someUser"
         assert info.access_token_payload["someKey"] == "someValue"
 
-        is_updated = await update_access_token_payload(
+        is_updated = await merge_into_access_token_payload(
             handle, {"someKey2": "someValue"}
         )
         assert is_updated
@@ -245,7 +245,7 @@ async def test_creating_many_sessions_for_one_user_and_looping():
         assert info.access_token_payload == {"bar": "baz"}
 
     # Try updating invalid handles:
-    is_updated = await update_access_token_payload("invalidHandle", {"foo": "bar"})
+    is_updated = await merge_into_access_token_payload("invalidHandle", {"foo": "bar"})
     assert is_updated is False
     is_updated = await update_session_data_in_database("invalidHandle", {"foo": "bar"})
     assert is_updated is False