supertokens
diff --git a/‎supertokens_python/recipe/session/api/implementation.py
Lines changed: 8 additions & 2 deletions b/‎supertokens_python/recipe/session/api/implementation.py
Lines changed: 8 additions & 2 deletions
diff --git a/‎supertokens_python/recipe/session/asyncio/__init__.py
Lines changed: 117 additions & 4 deletions b/‎supertokens_python/recipe/session/asyncio/__init__.py
Lines changed: 117 additions & 4 deletions
diff --git a/‎supertokens_python/recipe/session/claim_base_classes/primitive_claim.py
Lines changed: 17 additions & 5 deletions b/‎supertokens_python/recipe/session/claim_base_classes/primitive_claim.py
Lines changed: 17 additions & 5 deletions
diff --git a/‎supertokens_python/recipe/session/framework/django/asyncio/__init__.py
Lines changed: 1 addition & 1 deletion b/‎supertokens_python/recipe/session/framework/django/asyncio/__init__.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎supertokens_python/recipe/session/framework/django/syncio/__init__.py
Lines changed: 1 addition & 1 deletion b/‎supertokens_python/recipe/session/framework/django/syncio/__init__.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎supertokens_python/recipe/session/framework/fastapi/__init__.py
Lines changed: 1 addition & 1 deletion b/‎supertokens_python/recipe/session/framework/fastapi/__init__.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎supertokens_python/recipe/session/framework/flask/__init__.py
Lines changed: 1 addition & 1 deletion b/‎supertokens_python/recipe/session/framework/flask/__init__.py
Lines changed: 1 addition & 1 deletion
@@ -23,6 +23,7 @@
 )
 from supertokens_python.types import MaybeAwaitable
 from supertokens_python.utils import normalise_http_method
+from ..utils import get_required_claim_validators
 
 if TYPE_CHECKING:
     from supertokens_python.recipe.session.interfaces import APIOptions
@@ -67,7 +68,7 @@ async def verify_session(
         session_required: bool,
         override_global_claim_validators: Optional[
             Callable[
-                [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+                [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
                 MaybeAwaitable[List[SessionClaimValidator]],
             ]
         ],
@@ -91,10 +92,15 @@ async def verify_session(
         )
 
         if session is not None:
-            await api_options.recipe_implementation.assert_claims(
+            claim_validators = await get_required_claim_validators(
                 session,
                 override_global_claim_validators,
                 user_context,
             )
+            await api_options.recipe_implementation.assert_claims(
+                session,
+                claim_validators,
+                user_context,
+            )
 
         return session
@@ -22,10 +22,15 @@
     SessionInformationResult,
     SessionClaim,
     SessionClaimValidator,
+    SessionDoesntExistError,
+    ValidateClaimsOkResult,
+    JSONObject,
+    GetClaimValueOkResult,
 )
 from supertokens_python.recipe.session.recipe import SessionRecipe
 from supertokens_python.types import MaybeAwaitable
-from supertokens_python.utils import FRAMEWORKS
+from supertokens_python.utils import FRAMEWORKS, resolve
+from ..utils import get_required_claim_validators
 from ...jwt.interfaces import (
     CreateJwtOkResult,
     CreateJwtResultUnsupportedAlgorithm,
@@ -53,11 +58,118 @@ async def create_new_session(
     )
 
 
+async def validate_claims_for_session_handle(
+    session_handle: str,
+    override_global_claim_validators: Optional[
+        Callable[
+            [
+                List[SessionClaimValidator],
+                SessionInformationResult,
+                Dict[str, Any],
+            ],  # Prev. 2nd arg was SessionContainer
+            MaybeAwaitable[List[SessionClaimValidator]],
+        ]
+    ] = None,
+    user_context: Union[None, Dict[str, Any]] = None,
+) -> Union[SessionDoesntExistError, ValidateClaimsOkResult]:
+    if user_context is None:
+        user_context = {}
+
+    recipe_impl = SessionRecipe.get_instance().recipe_implementation
+    session_info = await recipe_impl.get_session_information(
+        session_handle, user_context
+    )
+
+    if session_info is None:
+        return SessionDoesntExistError()
+
+    claim_validators_added_by_other_recipes = (
+        SessionRecipe.get_claim_validators_added_by_other_recipes()
+    )
+    global_claim_validators = await resolve(
+        recipe_impl.get_global_claim_validators(
+            session_info.user_id,
+            claim_validators_added_by_other_recipes,
+            user_context,
+        )
+    )
+
+    if override_global_claim_validators is not None:
+        claim_validators = await resolve(
+            override_global_claim_validators(
+                global_claim_validators, session_info, user_context
+            )
+        )
+    else:
+        claim_validators = global_claim_validators
+
+    return await recipe_impl.validate_claims_for_session_handle(
+        session_info, claim_validators, user_context
+    )
+
+
+async def validate_claims_in_jwt_payload(
+    user_id: str,
+    jwt_payload: JSONObject,
+    override_global_claim_validators: Optional[
+        Callable[
+            [
+                List[SessionClaimValidator],
+                str,
+                Dict[str, Any],
+            ],  # Prev. 2nd arg was SessionContainer
+            MaybeAwaitable[List[SessionClaimValidator]],
+        ]
+    ] = None,
+    user_context: Union[None, Dict[str, Any]] = None,
+):
+    if user_context is None:
+        user_context = {}
+
+    recipe_impl = SessionRecipe.get_instance().recipe_implementation
+
+    claim_validators_added_by_other_recipes = (
+        SessionRecipe.get_claim_validators_added_by_other_recipes()
+    )
+    global_claim_validators = await resolve(
+        recipe_impl.get_global_claim_validators(
+            user_id,
+            claim_validators_added_by_other_recipes,
+            user_context,
+        )
+    )
+
+    if override_global_claim_validators is not None:
+        claim_validators = await resolve(
+            override_global_claim_validators(
+                global_claim_validators, user_id, user_context
+            )
+        )
+    else:
+        claim_validators = global_claim_validators
+
+    return await recipe_impl.validate_claims_in_jwt_payload(
+        user_id, jwt_payload, claim_validators, user_context
+    )
+
+
+async def fetch_and_set_claim(
+    session_handle: str,
+    claim: SessionClaim[Any],
+    user_context: Union[None, Dict[str, Any]] = None,
+) -> bool:
+    if user_context is None:
+        user_context = {}
+    return await SessionRecipe.get_instance().recipe_implementation.fetch_and_set_claim(
+        session_handle, claim, user_context
+    )
+
+
 async def get_claim_value(
     session_handle: str,
     claim: SessionClaim[_T],
     user_context: Union[None, Dict[str, Any]] = None,
-) -> Union[_T, None]:
+) -> Union[SessionDoesntExistError, GetClaimValueOkResult[_T]]:
     if user_context is None:
         user_context = {}
     return await SessionRecipe.get_instance().recipe_implementation.get_claim_value(
@@ -96,7 +208,7 @@ async def get_session(
     session_required: bool = True,
     override_global_claim_validators: Optional[
         Callable[
-            [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+            [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
             MaybeAwaitable[List[SessionClaimValidator]],
         ]
     ] = None,
@@ -119,9 +231,10 @@ async def get_session(
     )
 
     if session is not None:
-        await session_recipe_impl.assert_claims(
+        claim_validators = await get_required_claim_validators(
             session, override_global_claim_validators, user_context
         )
+        await session_recipe_impl.assert_claims(session, claim_validators, user_context)
 
     return session
 
 
@@ -53,7 +53,7 @@ def should_refetch(
                 ):
                     return claim.get_value_from_payload(payload, user_context) is None
 
-                def validate(
+                async def validate(
                     self,
                     payload: JSONObject,
                     user_context: Union[Dict[str, Any], None] = None,
@@ -93,23 +93,26 @@ def should_refetch(
                         claim.get_value_from_payload(payload, user_context) is None
                     ) or (payload[claim.key]["t"] < time.time() - max_age_in_sec * 1000)
 
-                def validate(
+                async def validate(
                     self,
                     payload: JSONObject,
                     user_context: Union[Dict[str, Any], None] = None,
                 ):
                     claim_val = claim.get_value_from_payload(payload, user_context)
-                    if claim_val != val:
+                    if claim_val is None:
                         return {
                             "isValid": False,
                             "reason": {
-                                "message": "wrong value",
+                                "message": "value does not exist",
                                 "expectedValue": val,
                                 "actualValue": claim_val,
                             },
                         }
 
-                    age_in_sec = (time.time() - payload[claim.key]["t"]) / 1000
+                    age_in_sec = (
+                        time.time()
+                        - float(claim.get_last_refetch_time(payload, user_context) or 0)
+                    ) / 1000
                     if age_in_sec > max_age_in_sec:
                         return {
                             "isValid": False,
@@ -119,6 +122,15 @@ def validate(
                                 "maxAgeInSeconds": max_age_in_sec,
                             },
                         }
+                    if claim_val != val:
+                        return {
+                            "isValid": False,
+                            "reason": {
+                                "message": "wrong value",
+                                "expectedValue": val,
+                                "actualValue": claim_val,
+                            },
+                        }
 
                     return {"isValid": True}
 
 
@@ -31,7 +31,7 @@ def verify_session(
     user_context: Union[None, Dict[str, Any]] = None,
     override_global_claim_validators: Optional[
         Callable[
-            [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+            [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
             MaybeAwaitable[List[SessionClaimValidator]],
         ]
     ] = None,
 
@@ -32,7 +32,7 @@ def verify_session(
     user_context: Union[None, Dict[str, Any]] = None,
     override_global_claim_validators: Optional[
         Callable[
-            [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+            [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
             MaybeAwaitable[List[SessionClaimValidator]],
         ]
     ] = None,
 
@@ -26,7 +26,7 @@ def verify_session(
     user_context: Union[None, Dict[str, Any]] = None,
     override_global_claim_validators: Optional[
         Callable[
-            [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+            [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
             MaybeAwaitable[List[SessionClaimValidator]],
         ]
     ] = None,
 
@@ -29,7 +29,7 @@ def verify_session(
     user_context: Union[None, Dict[str, Any]] = None,
     override_global_claim_validators: Optional[
         Callable[
-            [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],
+            [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],
             MaybeAwaitable[List[SessionClaimValidator]],
         ]
     ] = None,
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ def verify_session(`
`31`	`31`	`user_context: Union[None, Dict[str, Any]] = None,`
`32`	`32`	`override_global_claim_validators: Optional[`
`33`	`33`	`Callable[`
`34`		`- [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],`
	`34`	`+ [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],`
`35`	`35`	`MaybeAwaitable[List[SessionClaimValidator]],`
`36`	`36`	`]`
`37`	`37`	`] = None,`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ def verify_session(`
`32`	`32`	`user_context: Union[None, Dict[str, Any]] = None,`
`33`	`33`	`override_global_claim_validators: Optional[`
`34`	`34`	`Callable[`
`35`		`- [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],`
	`35`	`+ [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],`
`36`	`36`	`MaybeAwaitable[List[SessionClaimValidator]],`
`37`	`37`	`]`
`38`	`38`	`] = None,`
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@ def verify_session(`
`26`	`26`	`user_context: Union[None, Dict[str, Any]] = None,`
`27`	`27`	`override_global_claim_validators: Optional[`
`28`	`28`	`Callable[`
`29`		`- [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],`
	`29`	`+ [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],`
`30`	`30`	`MaybeAwaitable[List[SessionClaimValidator]],`
`31`	`31`	`]`
`32`	`32`	`] = None,`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ def verify_session(`
`29`	`29`	`user_context: Union[None, Dict[str, Any]] = None,`
`30`	`30`	`override_global_claim_validators: Optional[`
`31`	`31`	`Callable[`
`32`		`- [SessionContainer, List[SessionClaimValidator], Dict[str, Any]],`
	`32`	`+ [List[SessionClaimValidator], SessionContainer, Dict[str, Any]],`
`33`	`33`	`MaybeAwaitable[List[SessionClaimValidator]],`
`34`	`34`	`]`
`35`	`35`	`] = None,`