feat: Router changes to handle tenant id

supertokens_python/recipe/dashboard/recipe.py

@@ -13,11 +13,12 @@
 # under the License.
 from __future__ import annotations
 
+import re
 from os import environ
 from typing import TYPE_CHECKING, Awaitable, Callable, List, Optional, Union
 
 from supertokens_python.normalised_url_path import NormalisedURLPath
-from supertokens_python.recipe_module import APIHandled, RecipeModule
+from supertokens_python.recipe_module import APIHandled, RecipeModule, ApiIdWithTenantId
 
 from .api import (
     api_key_protector,
@@ -45,6 +46,7 @@
 from .exceptions import SuperTokensDashboardError
 from .interfaces import APIInterface, APIOptions
 from .recipe_implementation import RecipeImplementation
+from ..multitenancy.constants import DEFAULT_TENANT_ID
 
 if TYPE_CHECKING:
     from supertokens_python.framework.request import BaseRequest
@@ -126,6 +128,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -245,15 +248,56 @@ def reset():
 
     def return_api_id_if_can_handle_request(
         self, path: NormalisedURLPath, method: str
-    ) -> Union[str, None]:
+    ) -> Union[ApiIdWithTenantId, None]:
         dashboard_bundle_path = self.app_info.api_base_path.append(
             NormalisedURLPath(DASHBOARD_API)
         )
 
-        if is_api_path(path, self.app_info):
-            return get_api_if_matched(path, method)
+        base_path_str = self.app_info.api_base_path.get_as_string_dangerous()
+        path_str = path.get_as_string_dangerous()
+        regex = rf"^{base_path_str}(?:/([a-zA-Z0-9-]+))?(/.*)$"
+        # some examples against for above regex:
+        # books => match = None
+        # public/books => match = None
+        # /books => match.group(1) = None, match.group(2) = /dashboard
+        # /public/books => match.group(1) = 'public', match.group(2) = '/books'
+        # /public/book/1 => match.group(1) = 'public', match.group(2) = '/book/1'
+
+        match = re.match(regex, path_str)
+        match_group_1 = match.group(1) if match is not None else None
+        match_group_2 = match.group(2) if match is not None else None
+
+        tenant_id: str = DEFAULT_TENANT_ID
+        remaining_path: Optional[NormalisedURLPath] = None
+
+        if (
+            match is not None
+            and isinstance(match_group_1, str)
+            and isinstance(match_group_2, str)
+        ):
+            tenant_id = match_group_1
+            remaining_path = NormalisedURLPath(match_group_2)
+
+        if is_api_path(path, self.app_info.api_base_path) or (
+            remaining_path is not None
+            and is_api_path(
+                path,
+                self.app_info.api_base_path.append(NormalisedURLPath(f"/{tenant_id}")),
+            )
+        ):
+            # check remainingPath first as path that contains tenantId might match as well
+            # since getApiIdIfMatched uses endsWith to match
+            if remaining_path is not None:
+                id_ = get_api_if_matched(remaining_path, method)
+                if id_ is not None:
+                    return ApiIdWithTenantId(id_, tenant_id)
+
+            id_ = get_api_if_matched(path, method)
+            if id_ is not None:
+                return ApiIdWithTenantId(id_, DEFAULT_TENANT_ID)
 
         if path.startswith(dashboard_bundle_path):
-            return DASHBOARD_API
+            return ApiIdWithTenantId(DASHBOARD_API, DEFAULT_TENANT_ID)
 
+        # tenantId is not supported for bundlePath, so not matching for it
         return None

supertokens_python/recipe/dashboard/utils.py

@@ -17,7 +17,6 @@
 
 if TYPE_CHECKING:
     from supertokens_python.framework.request import BaseRequest
-    from ...supertokens import AppInfo
 
 from supertokens_python.recipe.emailpassword import EmailPasswordRecipe
 from supertokens_python.recipe.emailpassword.asyncio import (
@@ -195,10 +194,8 @@ def validate_and_normalise_user_input(
     )
 
 
-def is_api_path(path: NormalisedURLPath, app_info: AppInfo) -> bool:
-    dashboard_recipe_base_path = app_info.api_base_path.append(
-        NormalisedURLPath(DASHBOARD_API)
-    )
+def is_api_path(path: NormalisedURLPath, base_path: NormalisedURLPath) -> bool:
+    dashboard_recipe_base_path = base_path.append(NormalisedURLPath(DASHBOARD_API))
 
     if not path.startswith(dashboard_recipe_base_path):
         return False

supertokens_python/recipe/emailpassword/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, Any, Dict, List, Union
+from typing import TYPE_CHECKING, Any, Dict, List, Union, Optional
 
 from supertokens_python.ingredients.emaildelivery import EmailDeliveryIngredient
 from supertokens_python.ingredients.emaildelivery.types import EmailDeliveryConfig
@@ -170,6 +170,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/emailverification/recipe.py

@@ -165,6 +165,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/jwt/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, List, Union
+from typing import TYPE_CHECKING, List, Union, Optional
 
 from supertokens_python.querier import Querier
 from supertokens_python.recipe.jwt.api.implementation import APIImplementation
@@ -80,6 +80,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/multitenancy/constants.py

@@ -12,4 +12,4 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 LOGIN_METHODS = "/loginmethods"
-DEFAULT_TENANT_ID = "defaultTenantId"
+DEFAULT_TENANT_ID = "public"

supertokens_python/recipe/multitenancy/recipe.py

@@ -122,6 +122,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/openid/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, List, Union
+from typing import TYPE_CHECKING, List, Union, Optional
 
 from supertokens_python.querier import Querier
 from supertokens_python.recipe.jwt import JWTRecipe
@@ -89,6 +89,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -107,7 +108,7 @@ async def handle_api_request(
                 self.api_implementation, options
             )
         return await self.jwt_recipe.handle_api_request(
-            request_id, request, path, method, response
+            request_id, tenant_id, request, path, method, response
         )
 
     async def handle_error(

supertokens_python/recipe/passwordless/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, Any, Awaitable, Callable, Dict, List, Union
+from typing import TYPE_CHECKING, Any, Awaitable, Callable, Dict, List, Union, Optional
 
 from supertokens_python.ingredients.emaildelivery import EmailDeliveryIngredient
 from supertokens_python.ingredients.emaildelivery.types import EmailDeliveryConfig
@@ -185,6 +185,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/session/recipe.py

@@ -187,6 +187,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -215,7 +216,7 @@ async def handle_api_request(
                 ),
             )
         return await self.openid_recipe.handle_api_request(
-            request_id, request, path, method, response
+            request_id, tenant_id, request, path, method, response
         )
 
     async def handle_error(

supertokens_python/recipe/thirdparty/providers/apple.py

@@ -18,12 +18,8 @@
 from jwt import encode  # type: ignore
 from time import time
 
-from ..provider import (
-    Provider,
-    ProviderConfigForClientType,
-    ProviderInput,
-)
 from .custom import GenericProvider, NewProvider
+from ..provider import Provider, ProviderConfigForClientType, ProviderInput
 from .utils import get_actual_client_id_from_development_client_id
 
 
@@ -54,7 +50,7 @@ async def _get_client_secret(  # pylint: disable=no-self-use
                 "Please ensure that keyId, teamId and privateKey are provided in the additionalConfig"
             )
 
-        payload = {
+        payload: Dict[str, Any] = {
             "iss": config.additional_config.get("teamId"),
             "iat": time(),
             "exp": time() + (86400 * 180),  # 6 months

supertokens_python/recipe/thirdparty/providers/bitbucket.py

@@ -19,12 +19,10 @@
 from ..provider import Provider, ProviderInput
 
 
-# TODO Implement when it's done in Node PR
 class BitbucketImpl(GenericProvider):
     pass
 
 
-# TODO Finish when it's done in Node PR
 def Bitbucket(input: ProviderInput) -> Provider:  # pylint: disable=redefined-builtin
     if input.config.name is None:
         input.config.name = "Bitbucket"
@@ -40,7 +38,4 @@ def Bitbucket(input: ProviderInput) -> Provider:  # pylint: disable=redefined-bu
     if input.config.user_info_endpoint is None:
         input.config.user_info_endpoint = "https://api.bitbucket.org/2.0/user"
 
-    # TODO overrides and working of this
-    # once done in Node PR
-
     return NewProvider(input, BitbucketImpl)

supertokens_python/recipe/thirdparty/providers/gitlab.py

@@ -19,11 +19,9 @@
 from ..provider import Provider, ProviderInput
 
 
-# TODO Implement when it's done in Node PR
 class GitlabImpl(GenericProvider):
     pass
 
 
-# TODO Implement when it's done in Node PR
 def Gitlab(input: ProviderInput) -> Provider:  # pylint: disable=redefined-builtin
     return NewProvider(input, GitlabImpl)

supertokens_python/recipe/thirdparty/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, Any, Dict, List, Union
+from typing import TYPE_CHECKING, Any, Dict, List, Union, Optional
 
 from supertokens_python.normalised_url_path import NormalisedURLPath
 from supertokens_python.querier import Querier
@@ -121,6 +121,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,

supertokens_python/recipe/thirdpartyemailpassword/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, List, Union
+from typing import TYPE_CHECKING, List, Union, Optional
 
 from supertokens_python.framework.response import BaseResponse
 from supertokens_python.ingredients.emaildelivery.types import EmailDeliveryConfig
@@ -210,6 +210,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -220,7 +221,7 @@ async def handle_api_request(
             is not None
         ):
             return await self.email_password_recipe.handle_api_request(
-                request_id, request, path, method, response
+                request_id, tenant_id, request, path, method, response
             )
         if (
             self.third_party_recipe is not None
@@ -230,7 +231,7 @@ async def handle_api_request(
             is not None
         ):
             return await self.third_party_recipe.handle_api_request(
-                request_id, request, path, method, response
+                request_id, tenant_id, request, path, method, response
             )
         return None
 

supertokens_python/recipe/thirdpartyemailpassword/recipeimplementation/implementation.py

@@ -13,7 +13,7 @@
 # under the License.
 from __future__ import annotations
 
-from typing import TYPE_CHECKING, Any, Dict, List, Optional, Union, Callable
+from typing import TYPE_CHECKING, Any, Dict, List, Union, Callable, Optional
 
 import supertokens_python.recipe.emailpassword.interfaces as EPInterfaces
 from supertokens_python.recipe.thirdparty.interfaces import GetProviderOkResult

supertokens_python/recipe/thirdpartypasswordless/recipe.py

@@ -14,7 +14,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import TYPE_CHECKING, Any, Dict, List, Union
+from typing import TYPE_CHECKING, Any, Dict, List, Union, Optional
 
 from supertokens_python.framework.response import BaseResponse
 from supertokens_python.ingredients.emaildelivery.types import EmailDeliveryConfig
@@ -224,6 +224,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,
@@ -234,7 +235,7 @@ async def handle_api_request(
             is not None
         ):
             return await self.passwordless_recipe.handle_api_request(
-                request_id, request, path, method, response
+                request_id, tenant_id, request, path, method, response
             )
         if (
             self.third_party_recipe is not None
@@ -244,7 +245,7 @@ async def handle_api_request(
             is not None
         ):
             return await self.third_party_recipe.handle_api_request(
-                request_id, request, path, method, response
+                request_id, tenant_id, request, path, method, response
             )
         return None
 

supertokens_python/recipe/usermetadata/recipe.py

@@ -15,7 +15,7 @@
 from __future__ import annotations
 
 from os import environ
-from typing import List, Union
+from typing import List, Union, Optional
 
 from supertokens_python.exceptions import SuperTokensError, raise_general_exception
 from supertokens_python.framework import BaseRequest, BaseResponse
@@ -66,6 +66,7 @@ def get_apis_handled(self) -> List[APIHandled]:
     async def handle_api_request(
         self,
         request_id: str,
+        tenant_id: Optional[str],
         request: BaseRequest,
         path: NormalisedURLPath,
         method: str,