Merge pull request #376 from supertokens/fix/emailpassword-mt

fix: Add multitenancy features to emailpassword recipe

Author: rishabhpoddar

supertokens_python/recipe/dashboard/api/userdetails/user_password_put.py

@@ -72,13 +72,13 @@ async def handle_user_password_put(
     async def reset_password(
         form_fields: List[NormalisedFormField],
         create_reset_password_token: Callable[
-            [str, Dict[str, Any]],
+            [str, str, Dict[str, Any]],
             Awaitable[
                 Union[CreateResetPasswordOkResult, CreateResetPasswordWrongUserIdError]
             ],
         ],
         reset_password_using_token: Callable[
-            [str, str, Dict[str, Any]],
+            [str, str, str, Dict[str, Any]],
             Awaitable[
                 Union[
                     ResetPasswordUsingTokenOkResult,
@@ -100,15 +100,18 @@ async def reset_password(
                 password_validation_error
             )
 
-        password_reset_token = await create_reset_password_token(user_id, user_context)
+        # TODO: Pass tenant id
+        password_reset_token = await create_reset_password_token(
+            "pass-tenant-id", user_id, user_context
+        )
 
         if isinstance(password_reset_token, CreateResetPasswordWrongUserIdError):
             # Techincally it can but its an edge case so we assume that it wont
             # UNKNOWN_USER_ID_ERROR
             raise Exception("Should never come here")
 
         password_reset_response = await reset_password_using_token(
-            password_reset_token.token, new_password, user_context
+            "pass-tenant-id", password_reset_token.token, new_password, user_context
         )
 
         if isinstance(

supertokens_python/recipe/emailpassword/api/email_exists.py

@@ -26,6 +26,7 @@
 
 
 async def handle_email_exists_api(
+    tenant_id: str,
     api_implementation: APIInterface,
     api_options: APIOptions,
     user_context: Dict[str, Any],
@@ -37,6 +38,6 @@ async def handle_email_exists_api(
         raise_bad_input_exception("Please provide the email as a GET param")
 
     response = await api_implementation.email_exists_get(
-        email, api_options, user_context
+        email, tenant_id, api_options, user_context
     )
     return send_200_response(response.to_json(), api_options.response)

supertokens_python/recipe/emailpassword/api/generate_password_reset_token.py

@@ -28,6 +28,7 @@
 
 
 async def handle_generate_password_reset_token_api(
+    tenant_id: str,
     api_implementation: APIInterface,
     api_options: APIOptions,
     user_context: Dict[str, Any],
@@ -44,6 +45,6 @@ async def handle_generate_password_reset_token_api(
     )
 
     response = await api_implementation.generate_password_reset_token_post(
-        form_fields, api_options, user_context
+        form_fields, tenant_id, api_options, user_context
     )
     return send_200_response(response.to_json(), api_options.response)

supertokens_python/recipe/emailpassword/api/implementation.py

@@ -51,16 +51,21 @@
 
 class APIImplementation(APIInterface):
     async def email_exists_get(
-        self, email: str, api_options: APIOptions, user_context: Dict[str, Any]
+        self,
+        email: str,
+        tenant_id: str,
+        api_options: APIOptions,
+        user_context: Dict[str, Any],
     ) -> Union[EmailExistsGetOkResult, GeneralErrorResponse]:
         user = await api_options.recipe_implementation.get_user_by_email(
-            email, user_context
+            email, tenant_id, user_context
         )
         return EmailExistsGetOkResult(user is not None)
 
     async def generate_password_reset_token_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[GeneratePasswordResetTokenPostOkResult, GeneralErrorResponse]:
@@ -72,15 +77,15 @@ async def generate_password_reset_token_post(
         email = emailFormField.value
 
         user = await api_options.recipe_implementation.get_user_by_email(
-            email, user_context
+            email, tenant_id, user_context
         )
 
         if user is None:
             return GeneratePasswordResetTokenPostOkResult()
 
         token_result = (
             await api_options.recipe_implementation.create_reset_password_token(
-                user.user_id, user_context
+                user.user_id, tenant_id, user_context
             )
         )
 
@@ -98,6 +103,8 @@ async def generate_password_reset_token_post(
             + token
             + "&rid="
             + api_options.recipe_id
+            + "&tenantId="
+            + tenant_id
         )
 
         log_debug_message("Sending password reset email to %s", email)
@@ -115,6 +122,7 @@ async def password_reset_post(
         self,
         form_fields: List[FormField],
         token: str,
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[
@@ -130,7 +138,7 @@ async def password_reset_post(
         new_password = new_password_for_field.value
 
         result = await api_options.recipe_implementation.reset_password_using_token(
-            token, new_password, user_context
+            token, new_password, tenant_id, user_context
         )
 
         if isinstance(result, ResetPasswordUsingTokenInvalidTokenError):
@@ -141,6 +149,7 @@ async def password_reset_post(
     async def sign_in_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[
@@ -161,7 +170,7 @@ async def sign_in_post(
         email = email_form_field.value
 
         result = await api_options.recipe_implementation.sign_in(
-            email, password, user_context
+            email, password, tenant_id, user_context
         )
 
         if isinstance(result, SignInWrongCredentialsError):
@@ -180,6 +189,7 @@ async def sign_in_post(
     async def sign_up_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[
@@ -200,7 +210,7 @@ async def sign_up_post(
         email = email_form_field.value
 
         result = await api_options.recipe_implementation.sign_up(
-            email, password, user_context
+            email, password, tenant_id, user_context
         )
 
         if isinstance(result, SignUpEmailAlreadyExistsError):

supertokens_python/recipe/emailpassword/api/password_reset.py

@@ -28,6 +28,7 @@
 
 
 async def handle_password_reset_api(
+    tenant_id: str,
     api_implementation: APIInterface,
     api_options: APIOptions,
     user_context: Dict[str, Any],
@@ -51,6 +52,6 @@ async def handle_password_reset_api(
     token = body["token"]
 
     response = await api_implementation.password_reset_post(
-        form_fields, token, api_options, user_context
+        form_fields, token, tenant_id, api_options, user_context
     )
     return send_200_response(response.to_json(), api_options.response)

supertokens_python/recipe/emailpassword/api/signin.py

@@ -28,6 +28,7 @@
 
 
 async def handle_sign_in_api(
+    tenant_id: str,
     api_implementation: APIInterface,
     api_options: APIOptions,
     user_context: Dict[str, Any],
@@ -43,7 +44,7 @@ async def handle_sign_in_api(
     )
 
     response = await api_implementation.sign_in_post(
-        form_fields, api_options, user_context
+        form_fields, tenant_id, api_options, user_context
     )
 
     return send_200_response(response.to_json(), api_options.response)

supertokens_python/recipe/emailpassword/api/signup.py

@@ -34,6 +34,7 @@
 
 
 async def handle_sign_up_api(
+    tenant_id: str,
     api_implementation: APIInterface,
     api_options: APIOptions,
     user_context: Dict[str, Any],
@@ -49,7 +50,7 @@ async def handle_sign_up_api(
     )
 
     response = await api_implementation.sign_up_post(
-        form_fields, api_options, user_context
+        form_fields, tenant_id, api_options, user_context
     )
 
     if isinstance(response, SignUpPostOkResult):

supertokens_python/recipe/emailpassword/asyncio/__init__.py

@@ -11,11 +11,12 @@
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
-from typing import Any, Dict, Union
+from typing import Any, Dict, Union, Optional
 
 from supertokens_python.recipe.emailpassword import EmailPasswordRecipe
 
 from ..types import EmailTemplateVars, User
+from ...multitenancy.constants import DEFAULT_TENANT_ID
 
 
 async def update_email_or_password(
@@ -45,52 +46,65 @@ async def get_user_by_id(
 
 
 async def get_user_by_email(
-    email: str, user_context: Union[None, Dict[str, Any]] = None
+    tenant_id: Optional[str],
+    email: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ) -> Union[User, None]:
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().recipe_implementation.get_user_by_email(
-        email, user_context
+        email, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
 async def create_reset_password_token(
-    user_id: str, user_context: Union[None, Dict[str, Any]] = None
+    tenant_id: Optional[str],
+    user_id: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().recipe_implementation.create_reset_password_token(
-        user_id, user_context
+        user_id, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
 async def reset_password_using_token(
-    token: str, new_password: str, user_context: Union[None, Dict[str, Any]] = None
+    tenant_id: Optional[str],
+    token: str,
+    new_password: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().recipe_implementation.reset_password_using_token(
-        token, new_password, user_context
+        token, new_password, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
 async def sign_in(
-    email: str, password: str, user_context: Union[None, Dict[str, Any]] = None
+    tenant_id: Optional[str],
+    email: str,
+    password: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_in(
-        email, password, user_context
+        email, password, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 
 async def sign_up(
-    email: str, password: str, user_context: Union[None, Dict[str, Any]] = None
+    tenant_id: Optional[str],
+    email: str,
+    password: str,
+    user_context: Union[None, Dict[str, Any]] = None,
 ):
     if user_context is None:
         user_context = {}
     return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_up(
-        email, password, user_context
+        email, password, tenant_id or DEFAULT_TENANT_ID, user_context
     )
 
 

supertokens_python/recipe/emailpassword/interfaces.py

@@ -97,33 +97,37 @@ async def get_user_by_id(
 
     @abstractmethod
     async def get_user_by_email(
-        self, email: str, user_context: Dict[str, Any]
+        self, email: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[User, None]:
         pass
 
     @abstractmethod
     async def create_reset_password_token(
-        self, user_id: str, user_context: Dict[str, Any]
+        self, user_id: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[CreateResetPasswordOkResult, CreateResetPasswordWrongUserIdError]:
         pass
 
     @abstractmethod
     async def reset_password_using_token(
-        self, token: str, new_password: str, user_context: Dict[str, Any]
+        self,
+        token: str,
+        new_password: str,
+        tenant_id: str,
+        user_context: Dict[str, Any],
     ) -> Union[
         ResetPasswordUsingTokenOkResult, ResetPasswordUsingTokenInvalidTokenError
     ]:
         pass
 
     @abstractmethod
     async def sign_in(
-        self, email: str, password: str, user_context: Dict[str, Any]
+        self, email: str, password: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[SignInOkResult, SignInWrongCredentialsError]:
         pass
 
     @abstractmethod
     async def sign_up(
-        self, email: str, password: str, user_context: Dict[str, Any]
+        self, email: str, password: str, tenant_id: str, user_context: Dict[str, Any]
     ) -> Union[SignUpOkResult, SignUpEmailAlreadyExistsError]:
         pass
 
@@ -258,14 +262,19 @@ def __init__(self):
 
     @abstractmethod
     async def email_exists_get(
-        self, email: str, api_options: APIOptions, user_context: Dict[str, Any]
+        self,
+        email: str,
+        tenant_id: str,
+        api_options: APIOptions,
+        user_context: Dict[str, Any],
     ) -> Union[EmailExistsGetOkResult, GeneralErrorResponse]:
         pass
 
     @abstractmethod
     async def generate_password_reset_token_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[GeneratePasswordResetTokenPostOkResult, GeneralErrorResponse]:
@@ -276,6 +285,7 @@ async def password_reset_post(
         self,
         form_fields: List[FormField],
         token: str,
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[
@@ -289,6 +299,7 @@ async def password_reset_post(
     async def sign_in_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[
@@ -300,6 +311,7 @@ async def sign_in_post(
     async def sign_up_post(
         self,
         form_fields: List[FormField],
+        tenant_id: str,
         api_options: APIOptions,
         user_context: Dict[str, Any],
     ) -> Union[