Module supertokens_python.recipe.emailpassword.asyncio
Expand source code
# Copyright (c) 2021, VRAI Labs and/or its affiliates. All rights reserved.
#
# This software is licensed under the Apache License, Version 2.0 (the
# "License") as published by the Apache Software Foundation.
#
# You may not use this file except in compliance with the License. You may
# obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from typing import Any, Dict, Union, Optional
from typing_extensions import Literal
from supertokens_python import get_request_from_user_context
from supertokens_python.asyncio import get_user
from supertokens_python.auth_utils import LinkingToSessionUserFailedError
from supertokens_python.recipe.emailpassword import EmailPasswordRecipe
from supertokens_python.recipe.session import SessionContainer
from ..types import EmailTemplateVars
from ...multitenancy.constants import DEFAULT_TENANT_ID
from ....types import RecipeUserId
from supertokens_python.recipe.emailpassword.interfaces import (
CreateResetPasswordOkResult,
ConsumePasswordResetTokenOkResult,
PasswordResetTokenInvalidError,
UpdateEmailOrPasswordOkResult,
UnknownUserIdError,
UpdateEmailOrPasswordEmailChangeNotAllowedError,
PasswordPolicyViolationError,
SignUpOkResult,
EmailAlreadyExistsError,
SignInOkResult,
WrongCredentialsError,
)
from supertokens_python.recipe.emailpassword.utils import get_password_reset_link
from supertokens_python.recipe.emailpassword.types import (
PasswordResetEmailTemplateVars,
PasswordResetEmailTemplateVarsUser,
)
async def sign_up(
tenant_id: str,
email: str,
password: str,
session: Optional[SessionContainer] = None,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[SignUpOkResult, EmailAlreadyExistsError, LinkingToSessionUserFailedError]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_up(
email=email,
password=password,
tenant_id=tenant_id or DEFAULT_TENANT_ID,
session=session,
user_context=user_context,
should_try_linking_with_session_user=session is not None,
)
async def sign_in(
tenant_id: str,
email: str,
password: str,
session: Optional[SessionContainer] = None,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[SignInOkResult, WrongCredentialsError, LinkingToSessionUserFailedError]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_in(
email=email,
password=password,
tenant_id=tenant_id or DEFAULT_TENANT_ID,
session=session,
user_context=user_context,
should_try_linking_with_session_user=session is not None,
)
async def verify_credentials(
tenant_id: str,
email: str,
password: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[SignInOkResult, WrongCredentialsError]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.verify_credentials(
email, password, tenant_id or DEFAULT_TENANT_ID, user_context
)
async def create_reset_password_token(
tenant_id: str,
user_id: str,
email: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[CreateResetPasswordOkResult, UnknownUserIdError]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.create_reset_password_token(
user_id, email, tenant_id or DEFAULT_TENANT_ID, user_context
)
async def reset_password_using_token(
tenant_id: str,
token: str,
new_password: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[
UpdateEmailOrPasswordOkResult,
PasswordPolicyViolationError,
PasswordResetTokenInvalidError,
UnknownUserIdError,
]:
if user_context is None:
user_context = {}
consume_resp = await consume_password_reset_token(tenant_id, token, user_context)
if not isinstance(consume_resp, ConsumePasswordResetTokenOkResult):
return consume_resp
result = await update_email_or_password(
recipe_user_id=RecipeUserId(consume_resp.user_id),
email=consume_resp.email,
password=new_password,
tenant_id_for_password_policy=tenant_id,
user_context=user_context,
)
if isinstance(
result,
(EmailAlreadyExistsError, UpdateEmailOrPasswordEmailChangeNotAllowedError),
):
raise Exception("Should never happen")
return result
async def consume_password_reset_token(
tenant_id: str,
token: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[ConsumePasswordResetTokenOkResult, PasswordResetTokenInvalidError]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.consume_password_reset_token(
token, tenant_id or DEFAULT_TENANT_ID, user_context
)
async def update_email_or_password(
recipe_user_id: RecipeUserId,
email: Optional[str] = None,
password: Optional[str] = None,
apply_password_policy: Optional[bool] = None,
tenant_id_for_password_policy: Optional[str] = None,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[
UpdateEmailOrPasswordOkResult,
EmailAlreadyExistsError,
UnknownUserIdError,
UpdateEmailOrPasswordEmailChangeNotAllowedError,
PasswordPolicyViolationError,
]:
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().recipe_implementation.update_email_or_password(
recipe_user_id,
email,
password,
apply_password_policy,
tenant_id_for_password_policy or DEFAULT_TENANT_ID,
user_context,
)
async def create_reset_password_link(
tenant_id: str,
user_id: str,
email: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[str, UnknownUserIdError]:
if user_context is None:
user_context = {}
token = await create_reset_password_token(tenant_id, user_id, email, user_context)
if isinstance(token, UnknownUserIdError):
return token
recipe_instance = EmailPasswordRecipe.get_instance()
request = get_request_from_user_context(user_context)
return get_password_reset_link(
recipe_instance.get_app_info(),
token.token,
tenant_id or DEFAULT_TENANT_ID,
request,
user_context,
)
async def send_reset_password_email(
tenant_id: str,
user_id: str,
email: str,
user_context: Optional[Dict[str, Any]] = None,
) -> Union[Literal["UNKNOWN_USER_ID_ERROR"], Literal["OK"]]:
if user_context is None:
user_context = {}
user = await get_user(user_id, user_context)
if user is None:
return "UNKNOWN_USER_ID_ERROR"
login_method = next(
(
m
for m in user.login_methods
if m.recipe_id == "emailpassword" and m.has_same_email_as(email)
),
None,
)
if login_method is None:
return "UNKNOWN_USER_ID_ERROR"
link = await create_reset_password_link(tenant_id, user_id, email, user_context)
if isinstance(link, UnknownUserIdError):
return "UNKNOWN_USER_ID_ERROR"
assert login_method.email is not None
await send_email(
PasswordResetEmailTemplateVars(
user=PasswordResetEmailTemplateVarsUser(
user_id=user.id,
email=login_method.email,
recipe_user_id=login_method.recipe_user_id,
),
password_reset_link=link,
tenant_id=tenant_id or DEFAULT_TENANT_ID,
),
user_context,
)
return "OK"
async def send_email(
input_: EmailTemplateVars,
user_context: Optional[Dict[str, Any]] = None,
):
if user_context is None:
user_context = {}
return await EmailPasswordRecipe.get_instance().email_delivery.ingredient_interface_impl.send_email(
input_, user_context
)Functions
async def consume_password_reset_token(tenant_id: str, token: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[ConsumePasswordResetTokenOkResult, PasswordResetTokenInvalidError]-
Expand source code
async def consume_password_reset_token( tenant_id: str, token: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[ConsumePasswordResetTokenOkResult, PasswordResetTokenInvalidError]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.consume_password_reset_token( token, tenant_id or DEFAULT_TENANT_ID, user_context ) async def create_reset_password_link(tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[str, UnknownUserIdError]-
Expand source code
async def create_reset_password_link( tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[str, UnknownUserIdError]: if user_context is None: user_context = {} token = await create_reset_password_token(tenant_id, user_id, email, user_context) if isinstance(token, UnknownUserIdError): return token recipe_instance = EmailPasswordRecipe.get_instance() request = get_request_from_user_context(user_context) return get_password_reset_link( recipe_instance.get_app_info(), token.token, tenant_id or DEFAULT_TENANT_ID, request, user_context, ) async def create_reset_password_token(tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[CreateResetPasswordOkResult, UnknownUserIdError]-
Expand source code
async def create_reset_password_token( tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[CreateResetPasswordOkResult, UnknownUserIdError]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.create_reset_password_token( user_id, email, tenant_id or DEFAULT_TENANT_ID, user_context ) async def reset_password_using_token(tenant_id: str, token: str, new_password: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[UpdateEmailOrPasswordOkResult, PasswordPolicyViolationError, PasswordResetTokenInvalidError, UnknownUserIdError]-
Expand source code
async def reset_password_using_token( tenant_id: str, token: str, new_password: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[ UpdateEmailOrPasswordOkResult, PasswordPolicyViolationError, PasswordResetTokenInvalidError, UnknownUserIdError, ]: if user_context is None: user_context = {} consume_resp = await consume_password_reset_token(tenant_id, token, user_context) if not isinstance(consume_resp, ConsumePasswordResetTokenOkResult): return consume_resp result = await update_email_or_password( recipe_user_id=RecipeUserId(consume_resp.user_id), email=consume_resp.email, password=new_password, tenant_id_for_password_policy=tenant_id, user_context=user_context, ) if isinstance( result, (EmailAlreadyExistsError, UpdateEmailOrPasswordEmailChangeNotAllowedError), ): raise Exception("Should never happen") return result async def send_email(input_: PasswordResetEmailTemplateVars, user_context: Optional[Dict[str, Any]] = None)-
Expand source code
async def send_email( input_: EmailTemplateVars, user_context: Optional[Dict[str, Any]] = None, ): if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().email_delivery.ingredient_interface_impl.send_email( input_, user_context ) async def send_reset_password_email(tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[Literal['UNKNOWN_USER_ID_ERROR'], Literal['OK']]-
Expand source code
async def send_reset_password_email( tenant_id: str, user_id: str, email: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[Literal["UNKNOWN_USER_ID_ERROR"], Literal["OK"]]: if user_context is None: user_context = {} user = await get_user(user_id, user_context) if user is None: return "UNKNOWN_USER_ID_ERROR" login_method = next( ( m for m in user.login_methods if m.recipe_id == "emailpassword" and m.has_same_email_as(email) ), None, ) if login_method is None: return "UNKNOWN_USER_ID_ERROR" link = await create_reset_password_link(tenant_id, user_id, email, user_context) if isinstance(link, UnknownUserIdError): return "UNKNOWN_USER_ID_ERROR" assert login_method.email is not None await send_email( PasswordResetEmailTemplateVars( user=PasswordResetEmailTemplateVarsUser( user_id=user.id, email=login_method.email, recipe_user_id=login_method.recipe_user_id, ), password_reset_link=link, tenant_id=tenant_id or DEFAULT_TENANT_ID, ), user_context, ) return "OK" async def sign_in(tenant_id: str, email: str, password: str, session: Optional[SessionContainer] = None, user_context: Optional[Dict[str, Any]] = None) ‑> Union[SignInOkResult, WrongCredentialsError, LinkingToSessionUserFailedError]-
Expand source code
async def sign_in( tenant_id: str, email: str, password: str, session: Optional[SessionContainer] = None, user_context: Optional[Dict[str, Any]] = None, ) -> Union[SignInOkResult, WrongCredentialsError, LinkingToSessionUserFailedError]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_in( email=email, password=password, tenant_id=tenant_id or DEFAULT_TENANT_ID, session=session, user_context=user_context, should_try_linking_with_session_user=session is not None, ) async def sign_up(tenant_id: str, email: str, password: str, session: Optional[SessionContainer] = None, user_context: Optional[Dict[str, Any]] = None) ‑> Union[SignUpOkResult, EmailAlreadyExistsError, LinkingToSessionUserFailedError]-
Expand source code
async def sign_up( tenant_id: str, email: str, password: str, session: Optional[SessionContainer] = None, user_context: Optional[Dict[str, Any]] = None, ) -> Union[SignUpOkResult, EmailAlreadyExistsError, LinkingToSessionUserFailedError]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.sign_up( email=email, password=password, tenant_id=tenant_id or DEFAULT_TENANT_ID, session=session, user_context=user_context, should_try_linking_with_session_user=session is not None, ) async def update_email_or_password(recipe_user_id: RecipeUserId, email: Optional[str] = None, password: Optional[str] = None, apply_password_policy: Optional[bool] = None, tenant_id_for_password_policy: Optional[str] = None, user_context: Optional[Dict[str, Any]] = None) ‑> Union[UpdateEmailOrPasswordOkResult, EmailAlreadyExistsError, UnknownUserIdError, UpdateEmailOrPasswordEmailChangeNotAllowedError, PasswordPolicyViolationError]-
Expand source code
async def update_email_or_password( recipe_user_id: RecipeUserId, email: Optional[str] = None, password: Optional[str] = None, apply_password_policy: Optional[bool] = None, tenant_id_for_password_policy: Optional[str] = None, user_context: Optional[Dict[str, Any]] = None, ) -> Union[ UpdateEmailOrPasswordOkResult, EmailAlreadyExistsError, UnknownUserIdError, UpdateEmailOrPasswordEmailChangeNotAllowedError, PasswordPolicyViolationError, ]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.update_email_or_password( recipe_user_id, email, password, apply_password_policy, tenant_id_for_password_policy or DEFAULT_TENANT_ID, user_context, ) async def verify_credentials(tenant_id: str, email: str, password: str, user_context: Optional[Dict[str, Any]] = None) ‑> Union[SignInOkResult, WrongCredentialsError]-
Expand source code
async def verify_credentials( tenant_id: str, email: str, password: str, user_context: Optional[Dict[str, Any]] = None, ) -> Union[SignInOkResult, WrongCredentialsError]: if user_context is None: user_context = {} return await EmailPasswordRecipe.get_instance().recipe_implementation.verify_credentials( email, password, tenant_id or DEFAULT_TENANT_ID, user_context )