Skip to content

Add multifactorauth setup #520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 45 commits into from
Closed

Add multifactorauth setup #520

wants to merge 45 commits into from

Conversation

satyamtg
Copy link

Summary of change

(A few sentences about this PR)

Related issues

  • Link to issue1 here
  • Link to issue1 here

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)

Documentation changes

(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)

Checklist for important updates

  • Changelog has been updated
  • coreDriverInterfaceSupported.json file has been updated (if needed)
    • Along with the associated array in supertokens_python/constants.py
  • frontendDriverInterfaceSupported.json file has been updated (if needed)
  • Changes to the version if needed
    • In setup.py
    • In supertokens_python/constants.py
  • Had installed and ran the pre-commit hook
  • Issue this PR against the latest non released version branch.
    • To know which one it is, run find the latest released tag (git tag) in the format vX.Y.Z, and then find the latest branch (git branch --all) whose X.Y is greater than the latest released tag.
    • If no such branch exists, then create one from the latest released branch.
  • If have added a new web framework, update the supertokens_python/utils.py file to include that in the FRAMEWORKS variable
  • If added a new recipe that has a User type with extra info, then be sure to change the User type in supertokens_python/types.py
  • Make sure that syncio / asyncio functions are consistent.
  • If access token structure has changed
    • Modified test in tests/sessions/test_access_token_version.py to account for any new claims that are optional or omitted by the core

Remaining TODOs for this PR

  • Item1
  • Item2

rishabhpoddar
rishabhpoddar suggested changes Jul 31, 2024
View reviewed changes
rishabhpoddar
rishabhpoddar suggested changes Aug 3, 2024
View reviewed changes
@satyamtg satyamtg requested a review from rishabhpoddar August 4, 2024 09:24
@satyamtg satyamtg marked this pull request as ready for review August 4, 2024 09:25
@satyamtg satyamtg changed the title Add multifactorauth Add multifactorauth setup Aug 4, 2024
rishabhpoddar
rishabhpoddar suggested changes Aug 5, 2024
View reviewed changes
supertokens_python/recipe/multitenancy/types.py
Comment on lines +4 to +9
class ValidFirstFactorResponse:
def __init__(
self,
status: Literal["OK", "INVALID_FIRST_FACTOR_ERROR", "TENANT_NOT_FOUND_ERROR"],
) -> None:
self.status = status
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these need to be individual classes. Otherwise there is no point in having this class as you can just return Literal directly anyway

supertokens_python/recipe/multitenancy/interfaces.py
Comment on lines +106 to +114
required_secondary_factors: Optional[List[str]] = None,
first_factors: Optional[List[str]] = None,
):
self.emailpassword = emailpassword
self.passwordless = passwordless
self.third_party = third_party
self.core_config = core_config
self.required_secondary_factors = required_secondary_factors
self.first_factors = first_factors
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this change required here for this PR?

supertokens_python/recipe/multifactorauth/asyncio/__init__.py
update_and_get_mfa_related_info_in_session,
)
from supertokens_python.recipe.session import SessionContainer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need these changes here for this pr?

supertokens_python/recipe/multifactorauth/syncio/__init__.py

from supertokens_python.async_to_sync_wrapper import sync
from supertokens_python.recipe.session import SessionContainer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need these changes here for this pr?

supertokens_python/recipe/multifactorauth/interfaces.py
options: APIOptions,
session: SessionContainer,
user_context: Dict[str, Any],
) -> Optional[Dict[str, object]]:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a badly typed output!

supertokens_python/recipe/multifactorauth/utils.py
Comment on lines +181 to +186
tenant_info = await get_tenant(tenant_id, input.user_context)
return (
tenant_info.required_secondary_factors
if tenant_info and tenant_info.required_secondary_factors
else []
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need to throw unauthorised error if tenant is None

supertokens_python/recipe/multifactorauth/utils.py
Comment on lines +193 to +199
factors_set_up_for_user=asyncio.create_task(get_factors_setup_for_user()),
required_secondary_factors_for_user=asyncio.create_task(
get_required_secondary_factors_for_user()
),
required_secondary_factors_for_tenant=asyncio.create_task(
get_required_secondary_factors_for_tenant()
),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is all wrong. We can't use create_task just like that.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The input type of get_mfa_requirements_for_auth needs to change to take functions!

supertokens_python/recipe/multifactorauth/types.py
Comment on lines +49 to +62
class FactorsResponse(TypedDict):
next: list[str]
already_setup: list[str]
allowed_to_setup: list[str]


class ResyncSessionResponse(TypedDict):
status: str
factors: FactorsResponse
emails: Dict[str, Optional[list[str]]]
phone_numbers: Dict[str, Optional[list[str]]]


ResyncSessionResult = ResyncSessionResponse | GeneralErrorResponse
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these dont seem to be used anywhere in the pr. Hence they are not needed here

supertokens_python/recipe/multifactorauth/types.py
Comment on lines +68 to +69
functions: Optional[Callable[[RecipeInterface], RecipeInterface]],
apis: Optional[Callable[[APIInterface], APIInterface]],
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is incorrectly typed. It should have None by default!

supertokens_python/asyncio/__init__.py
@@ -11,7 +11,7 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not related to this file, but there are a lot of issues from a compiling / linting point of view. Run make check-lint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rishabhpoddar rishabhpoddar rishabhpoddar requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@satyamtg @rishabhpoddar