feat: All changes related to passwordless multitenancy

Author: KShivendu

supertokens_python/ingredients/emaildelivery/types.py

@@ -24,7 +24,9 @@
 
 class EmailDeliveryInterface(ABC, Generic[_T]):
     @abstractmethod
-    async def send_email(self, template_vars: _T, user_context: Dict[str, Any]) -> None:
+    async def send_email(
+        self, template_vars: _T, tenant_id: str, user_context: Dict[str, Any]
+    ) -> None:
         pass
 
 

supertokens_python/ingredients/smsdelivery/types.py

@@ -22,7 +22,9 @@
 
 class SMSDeliveryInterface(ABC, Generic[_T]):
     @abstractmethod
-    async def send_sms(self, template_vars: _T, user_context: Dict[str, Any]) -> None:
+    async def send_sms(
+        self, template_vars: _T, tenant_id: str, user_context: Dict[str, Any]
+    ) -> None:
         pass
 
 

supertokens_python/recipe/dashboard/api/userdetails/user_email_verify_token_post.py

@@ -59,8 +59,10 @@ async def handle_email_verify_token_post(
 
     assert isinstance(email_verification_token, CreateEmailVerificationTokenOkResult)
 
+    # TODO: Pass tenant id
+    tenant_id = "pass-tenant-id"
     email_verify_link = get_email_verify_link(
-        api_options.app_info, email_verification_token.token, user_id
+        api_options.app_info, email_verification_token.token, user_id, tenant_id
     )
 
     await send_email(

supertokens_python/recipe/emailpassword/api/implementation.py

@@ -113,7 +113,7 @@ async def generate_password_reset_token_post(
             password_reset_link=password_reset_link,
         )
         await api_options.email_delivery.ingredient_interface_impl.send_email(
-            send_email_input, user_context
+            send_email_input, tenant_id, user_context
         )
 
         return GeneratePasswordResetTokenPostOkResult()

supertokens_python/recipe/emailpassword/asyncio/__init__.py

@@ -109,10 +109,12 @@ async def sign_up(
 
 
 async def send_email(
-    input_: EmailTemplateVars, user_context: Union[None, Dict[str, Any]] = None
+    input_: EmailTemplateVars,
+    tenant_id: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().email_delivery.ingredient_interface_impl.send_email(
-        input_, user_context
+        input_, tenant_id, user_context
     )

supertokens_python/recipe/emailpassword/emaildelivery/services/backward_compatibility/__init__.py

@@ -87,7 +87,10 @@ def __init__(
         )
 
     async def send_email(
-        self, template_vars: EmailTemplateVars, user_context: Dict[str, Any]
+        self,
+        template_vars: EmailTemplateVars,
+        tenant_id: str,
+        user_context: Dict[str, Any],
     ) -> None:
         user = await self.recipe_interface_impl.get_user_by_id(
             user_id=template_vars.user.id, user_context=user_context

supertokens_python/recipe/emailpassword/emaildelivery/services/smtp/__init__.py

@@ -42,7 +42,10 @@ def __init__(
         self.service_implementation = oi if override is None else override(oi)
 
     async def send_email(
-        self, template_vars: EmailTemplateVars, user_context: Dict[str, Any]
+        self,
+        template_vars: EmailTemplateVars,
+        tenant_id: str,
+        user_context: Dict[str, Any],
     ) -> None:
         content = await self.service_implementation.get_content(
             template_vars, user_context

supertokens_python/recipe/emailpassword/syncio/__init__.py

@@ -103,8 +103,10 @@ def sign_up(
 
 
 def send_email(
-    input_: EmailTemplateVars, user_context: Union[None, Dict[str, Any]] = None
+    input_: EmailTemplateVars,
+    tenant_id: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     from supertokens_python.recipe.emailpassword.asyncio import send_email
 
-    return sync(send_email(input_, user_context))
+    return sync(send_email(input_, tenant_id, user_context))

supertokens_python/recipe/emailpassword/types.py

@@ -30,7 +30,7 @@ def __init__(
         self.time_joined = time_joined
         self.tenant_ids = tenant_ids
 
-    def __eq__(self, other: "User"): # type: ignore
+    def __eq__(self, other: "User"):  # type: ignore
         return (
             isinstance(other, self.__class__)
             and self.user_id == other.user_id

supertokens_python/recipe/emailverification/api/email_verify.py

@@ -28,6 +28,7 @@
 
 async def handle_email_verify_api(
     api_implementation: APIInterface,
+    tenant_id: str,
     api_options: APIOptions,
     user_context: Dict[str, Any],
 ):
@@ -52,7 +53,7 @@ async def handle_email_verify_api(
         )
 
         result = await api_implementation.email_verify_post(
-            token, session, api_options, user_context
+            token, session, tenant_id, api_options, user_context
         )
     else:
         if api_implementation.disable_is_email_verified_get:

supertokens_python/recipe/emailverification/asyncio/__init__.py

@@ -23,10 +23,13 @@
 from supertokens_python.recipe.emailverification.types import EmailTemplateVars
 from supertokens_python.recipe.emailverification.recipe import EmailVerificationRecipe
 
+from supertokens_python.recipe.multitenancy.constants import DEFAULT_TENANT_ID
+
 
 async def create_email_verification_token(
     user_id: str,
     email: Optional[str] = None,
+    tenant_id: Optional[str] = None,
     user_context: Union[None, Dict[str, Any]] = None,
 ) -> Union[
     CreateEmailVerificationTokenOkResult,
@@ -45,17 +48,19 @@ async def create_email_verification_token(
             raise Exception("Unknown User ID provided without email")
 
     return await recipe.recipe_implementation.create_email_verification_token(
-        user_id, email, user_context
+        user_id, email, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
 async def verify_email_using_token(
-    token: str, user_context: Union[None, Dict[str, Any]] = None
+    token: str,
+    tenant_id: Optional[str] = None,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailVerificationRecipe.get_instance().recipe_implementation.verify_email_using_token(
-        token, user_context
+        token, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
@@ -85,6 +90,7 @@ async def is_email_verified(
 async def revoke_email_verification_tokens(
     user_id: str,
     email: Optional[str] = None,
+    tenant_id: Optional[str] = None,
     user_context: Optional[Dict[str, Any]] = None,
 ) -> RevokeEmailVerificationTokensOkResult:
     if user_context is None:
@@ -101,7 +107,7 @@ async def revoke_email_verification_tokens(
             raise Exception("Unknown User ID provided without email")
 
     return await EmailVerificationRecipe.get_instance().recipe_implementation.revoke_email_verification_tokens(
-        user_id, email, user_context
+        user_id, email, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
@@ -131,10 +137,12 @@ async def unverify_email(
 
 
 async def send_email(
-    input_: EmailTemplateVars, user_context: Union[None, Dict[str, Any]] = None
+    input_: EmailTemplateVars,
+    tenant_id: Optional[str] = None,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailVerificationRecipe.get_instance().email_delivery.ingredient_interface_impl.send_email(
-        input_, user_context
+        input_, tenant_id or DEFAULT_TENANT_ID, user_context
     )

supertokens_python/recipe/emailverification/emaildelivery/services/backward_compatibility/__init__.py

@@ -66,7 +66,10 @@ def __init__(
         )
 
     async def send_email(
-        self, template_vars: VerificationEmailTemplateVars, user_context: Dict[str, Any]
+        self,
+        template_vars: VerificationEmailTemplateVars,
+        tenant_id: str,
+        user_context: Dict[str, Any],
     ) -> None:
         try:
             email_user = User(template_vars.user.id, template_vars.user.email)

supertokens_python/recipe/emailverification/emaildelivery/services/smtp/__init__.py

@@ -41,7 +41,10 @@ def __init__(
         self.service_implementation = oi if override is None else override(oi)
 
     async def send_email(
-        self, template_vars: VerificationEmailTemplateVars, user_context: Dict[str, Any]
+        self,
+        template_vars: VerificationEmailTemplateVars,
+        tenant_id: str,
+        user_context: Dict[str, Any],
     ) -> None:
         content = await self.service_implementation.get_content(
             template_vars, user_context

supertokens_python/recipe/emailverification/interfaces.py

@@ -61,7 +61,7 @@ def __init__(self):
 
     @abstractmethod
     async def create_email_verification_token(
-        self, user_id: str, email: str, user_context: Dict[str, Any]
+        self, user_id: str, email: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[
         CreateEmailVerificationTokenOkResult,
         CreateEmailVerificationTokenEmailAlreadyVerifiedError,
@@ -70,7 +70,7 @@ async def create_email_verification_token(
 
     @abstractmethod
     async def verify_email_using_token(
-        self, token: str, user_context: Dict[str, Any]
+        self, token: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[VerifyEmailUsingTokenOkResult, VerifyEmailUsingTokenInvalidTokenError]:
         pass
 
@@ -82,7 +82,7 @@ async def is_email_verified(
 
     @abstractmethod
     async def revoke_email_verification_tokens(
-        self, user_id: str, email: str, user_context: Dict[str, Any]
+        self, user_id: str, email: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> RevokeEmailVerificationTokensOkResult:
         pass
 
@@ -169,6 +169,7 @@ async def email_verify_post(
         self,
         token: str,
         session: Optional[SessionContainer],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[

supertokens_python/recipe/emailverification/recipe.py

@@ -165,7 +165,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
-        tenant_id: Optional[str],
+        tenant_id: str,
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -186,7 +186,7 @@ async def handle_api_request(
                 self.api_implementation, api_options, user_context
             )
         return await handle_email_verify_api(
-            self.api_implementation, api_options, user_context
+            self.api_implementation, tenant_id, api_options, user_context
         )
 
     async def handle_error(
@@ -342,12 +342,13 @@ async def email_verify_post(
         self,
         token: str,
         session: Optional[SessionContainer],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[EmailVerifyPostOkResult, EmailVerifyPostInvalidTokenError]:
 
         response = await api_options.recipe_implementation.verify_email_using_token(
-            token, user_context
+            token, tenant_id, user_context
         )
         if isinstance(response, VerifyEmailUsingTokenOkResult):
             if session is not None:
@@ -411,6 +412,7 @@ async def generate_email_verify_token_post(
         email_info = await EmailVerificationRecipe.get_instance().get_email_for_user_id(
             user_id, user_context
         )
+        tenant_id = session.get_access_token_payload()["tid"]
 
         if isinstance(email_info, EmailDoesNotExistError):
             log_debug_message(
@@ -423,6 +425,7 @@ async def generate_email_verify_token_post(
                 await api_options.recipe_implementation.create_email_verification_token(
                     user_id,
                     email_info.email,
+                    tenant_id,
                     user_context,
                 )
             )
@@ -450,7 +453,7 @@ async def generate_email_verify_token_post(
                 await session.fetch_and_set_claim(EmailVerificationClaim, user_context)
 
             email_verify_link = get_email_verify_link(
-                api_options.app_info, response.token, api_options.recipe_id
+                api_options.app_info, response.token, api_options.recipe_id, tenant_id
             )
 
             log_debug_message("Sending email verification email to %s", email_info)
@@ -460,7 +463,7 @@ async def generate_email_verify_token_post(
                 user_context=user_context,
             )
             await api_options.email_delivery.ingredient_interface_impl.send_email(
-                email_verification_email_delivery_input, user_context
+                email_verification_email_delivery_input, tenant_id, user_context
             )
             return GenerateEmailVerifyTokenPostOkResult()
 

supertokens_python/recipe/emailverification/recipe_implementation.py

@@ -41,25 +41,25 @@ def __init__(self, querier: Querier, config: EmailVerificationConfig):
         self.config = config
 
     async def create_email_verification_token(
-        self, user_id: str, email: str, user_context: Dict[str, Any]
+        self, user_id: str, email: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[
         CreateEmailVerificationTokenOkResult,
         CreateEmailVerificationTokenEmailAlreadyVerifiedError,
     ]:
         data = {"userId": user_id, "email": email}
         response = await self.querier.send_post_request(
-            NormalisedURLPath("/recipe/user/email/verify/token"), data
+            NormalisedURLPath(f"{tenant_id}/recipe/user/email/verify/token"), data
         )
         if "status" in response and response["status"] == "OK":
             return CreateEmailVerificationTokenOkResult(response["token"])
         return CreateEmailVerificationTokenEmailAlreadyVerifiedError()
 
     async def verify_email_using_token(
-        self, token: str, user_context: Dict[str, Any]
+        self, token: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[VerifyEmailUsingTokenOkResult, VerifyEmailUsingTokenInvalidTokenError]:
         data = {"method": "token", "token": token}
         response = await self.querier.send_post_request(
-            NormalisedURLPath("/recipe/user/email/verify"), data
+            NormalisedURLPath(f"{tenant_id}/recipe/user/email/verify"), data
         )
         if "status" in response and response["status"] == "OK":
             return VerifyEmailUsingTokenOkResult(
@@ -77,11 +77,12 @@ async def is_email_verified(
         return response["isVerified"]
 
     async def revoke_email_verification_tokens(
-        self, user_id: str, email: str, user_context: Dict[str, Any]
+        self, user_id: str, email: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> RevokeEmailVerificationTokensOkResult:
         data = {"userId": user_id, "email": email}
         await self.querier.send_post_request(
-            NormalisedURLPath("/recipe/user/email/verify/token/remove"), data
+            NormalisedURLPath(f"{tenant_id}/recipe/user/email/verify/token/remove"),
+            data,
         )
         return RevokeEmailVerificationTokensOkResult()