Merge branch 'feat/session-claim-remaining' into feat/session-grants

Author: KShivendu

supertokens_python/recipe/emailverification/ev_claim.py

@@ -53,15 +53,17 @@ def should_refetch(
         return (value is None) or (
             value is False
             and last_refetch_time
-            < (get_timestamp_ms() - self.refetch_time_on_false_in_ms)
+            < (
+                get_timestamp_ms() - self.refetch_time_on_false_in_ms
+            )  # TODO: Default 5 min?
         )
 
 
 class EmailVerificationClaimValidators(BooleanClaimValidators):
     def is_verified(
         self, refetch_time_on_false_in_seconds: int = 10
     ) -> SessionClaimValidator:
-        has_value_res = self.has_value(True, "st-ev-is-verified")
+        has_value_res = self.has_value(True, id_="st-ev-is-verified")
         assert isinstance(self.claim, BooleanClaim)
         return IsVerifiedSCV(
             self.claim, has_value_res, refetch_time_on_false_in_seconds

supertokens_python/recipe/session/api/implementation.py

@@ -31,33 +31,23 @@
 
 from typing import Any, Dict
 
-from supertokens_python.recipe.session.exceptions import UnauthorisedError
-
 
 class APIImplementation(APIInterface):
     async def refresh_post(
         self, api_options: APIOptions, user_context: Dict[str, Any]
-    ) -> None:
-        await api_options.recipe_implementation.refresh_session(
+    ) -> SessionContainer:
+        return await api_options.recipe_implementation.refresh_session(
             api_options.request, user_context
         )
 
     async def signout_post(
-        self, api_options: APIOptions, user_context: Dict[str, Any]
+        self,
+        api_options: APIOptions,
+        session: SessionContainer,
+        user_context: Dict[str, Any],
     ) -> SignOutOkayResponse:
-        try:
-            session = await api_options.recipe_implementation.get_session(
-                request=api_options.request,
-                user_context=user_context,
-                anti_csrf_check=None,
-                session_required=True,
-            )
-        except UnauthorisedError:
-            return SignOutOkayResponse()
-
-        if session is None:
-            raise Exception("Session is undefined. Should not come here.")
-        await session.revoke_session(user_context)
+        if session is not None:
+            await session.revoke_session(user_context)
         return SignOutOkayResponse()
 
     async def verify_session(
@@ -86,6 +76,7 @@ async def verify_session(
             api_options.request,
             anti_csrf_check,
             session_required,
+            override_global_claim_validators,
             user_context,
         )
 
@@ -95,10 +86,6 @@ async def verify_session(
                 override_global_claim_validators,
                 user_context,
             )
-            await api_options.recipe_implementation.assert_claims(
-                session,
-                claim_validators,
-                user_context,
-            )
+            await session.assert_claims(claim_validators, user_context)
 
         return session

supertokens_python/recipe/session/api/signout.py

@@ -29,7 +29,16 @@ async def handle_signout_api(api_implementation: APIInterface, api_options: APIO
         return None
     user_context = default_user_context(api_options.request)
 
-    response = await api_implementation.signout_post(api_options, user_context)
+    session = await api_options.recipe_implementation.get_session(
+        request=api_options.request,
+        anti_csrf_check=None,  # TODO: What should I pass here?
+        session_required=False,
+        override_global_claim_validators=lambda _, __, ___: [],
+        user_context=user_context,
+    )
+
+    assert session is not None  # TODO: Is this okay?
+    response = await api_implementation.signout_post(api_options, session, user_context)
     if api_options.response is None:
         raise Exception("Should never come here")
     return send_200_response(response.to_json(), api_options.response)

supertokens_python/recipe/session/asyncio/__init__.py

@@ -122,10 +122,24 @@ async def validate_claims_for_session_handle(
     else:
         claim_validators = global_claim_validators
 
-    return await recipe_impl.validate_claims_for_session_handle(
-        session_info, claim_validators, user_context
+    claim_validation_res = await recipe_impl.validate_claims(
+        session_info.user_id,
+        session_info.access_token_payload,
+        claim_validators,
+        user_context,
     )
 
+    if claim_validation_res.access_token_payload_update is not None:
+        updated = await recipe_impl.merge_into_access_token_payload(
+            session_handle,
+            claim_validation_res.access_token_payload_update,
+            user_context,
+        )
+        if not updated:
+            return SessionDoesNotExistError()
+
+    return ClaimsValidationResult(claim_validation_res.invalid_claims)
+
 
 async def validate_claims_in_jwt_payload(
     user_id: str,
@@ -245,14 +259,15 @@ async def get_session(
         request,
         anti_csrf_check,
         session_required,
+        lambda _, __, ___: [],
         user_context,
     )
 
     if session is not None:
         claim_validators = await get_required_claim_validators(
             session, override_global_claim_validators, user_context
         )
-        await session_recipe_impl.assert_claims(session, claim_validators, user_context)
+        await session.assert_claims(claim_validators, user_context)
 
     return session
 

supertokens_python/recipe/session/claim_base_classes/boolean_claim.py

@@ -22,12 +22,12 @@
 class BooleanClaimValidators(PrimitiveClaimValidators[bool]):
     def is_true(self, max_age: Optional[int]):
         if max_age is not None:
-            return self.has_fresh_value(True, max_age)
+            return self.has_value(True, max_age)
         return self.has_value(True)
 
     def is_false(self, max_age: Optional[int]):
         if max_age is not None:
-            return self.has_fresh_value(False, max_age)
+            return self.has_value(False, max_age)
         return self.has_value(False)