async def update_session_data(session_handle: str, new_session_data: dict):
response = await Querier.get_instance().send_put_request(SESSION_DATA, {
'sessionHandle': session_handle,
'userDataInDatabase': new_session_data
})
if response['status'] == 'UNAUTHORISED':
raise_unauthorised_exception(response['message'])
async def update_jwt_payload(session_handle: str, new_jwt_payload: dict):
response = await Querier.get_instance().send_put_request(JWT_DATA, {
'sessionHandle': session_handle,
'userDataInJWT': new_jwt_payload
})
if response['status'] == 'UNAUTHORISED':
raise_unauthorised_exception(response['message'])
async def refresh_session(request: Request) -> Session:
save_frontend_info_from_request(request)
refresh_token = get_refresh_token_from_cookie(request)
if refresh_token is None:
raise_unauthorised_exception(
'Missing auth tokens in cookies. Have you set the correct refresh API path in '
'your frontend and SuperTokens config?')
anti_csrf_token = get_anti_csrf_header(request)
new_session = await session_helper.refresh_session(refresh_token,
anti_csrf_token)
access_token = new_session['accessToken']
refresh_token = new_session['refreshToken']
id_refresh_token = new_session['idRefreshToken']
request.state.supertokens = Session(
access_token['token'], new_session['session']['handle'],
new_session['session']['userId'],
new_session['session']['userDataInJWT'])
request.state.supertokens.new_access_token_info = access_token
request.state.supertokens.new_refresh_token_info = refresh_token
request.state.supertokens.new_id_refresh_token_info = id_refresh_token
if 'antiCsrfToken' in new_session and new_session[
'antiCsrfToken'] is not None:
request.state.supertokens.new_anti_csrf_token = new_session[
'antiCsrfToken']
return request.state.supertokens
async def get_session(request: Request,
enable_csrf_protection: bool) -> Session:
save_frontend_info_from_request(request)
id_refresh_token = get_id_refresh_token_from_cookie(request)
if id_refresh_token is None:
raise_unauthorised_exception('id refresh token is missing in cookies')
access_token = get_access_token_from_cookie(request)
if access_token is None:
raise_try_refresh_token_exception('access token missing in cookies')
anti_csrf_token = get_anti_csrf_header(request)
new_session = await session_helper.get_session(access_token,
anti_csrf_token,
enable_csrf_protection)
if 'accessToken' in new_session:
access_token = new_session['accessToken']['token']
request.state.supertokens = Session(
access_token, new_session['session']['handle'],
new_session['session']['userId'],
new_session['session']['userDataInJWT'])
if 'accessToken' in new_session:
request.state.supertokens.new_access_token_info = new_session[
'accessToken']
return request.state.supertokens
async def get_jwt_payload(session_handle: str) -> dict:
response = await Querier.get_instance().send_get_request(JWT_DATA, {
'sessionHandle': session_handle
})
if response['status'] == 'OK':
return response['userDataInJWT']
else:
raise_unauthorised_exception(response['message'])
async def update_jwt_payload(self, new_jwt_payload) -> None:
result = await Querier.get_instance().send_post_request(
SESSION_REGENERATE, {
'accessToken': self.__access_token,
'userDataInJWT': new_jwt_payload
})
if result['status'] == 'UNAUTHORISED':
raise_unauthorised_exception(result['message'])
self.__jwt_payload = result['session']['userDataInJWT']
if 'accessToken' in result and result['accessToken'] is not None:
self.__access_token = result['accessToken']['token']
self.new_access_token_info = result['accessToken']
async def get_session(access_token: str, anti_csrf_token: Union[str, None], do_anti_csrf_check: bool):
handshake_info = await HandshakeInfo.get_instance()
try:
if handshake_info.jwt_signing_public_key_expiry_time > get_timestamp_ms():
access_token_info = get_info_from_access_token(access_token, handshake_info.jwt_signing_public_key,
handshake_info.enable_anti_csrf and do_anti_csrf_check)
if handshake_info.enable_anti_csrf and do_anti_csrf_check and \
(anti_csrf_token is None or anti_csrf_token != access_token_info['antiCsrfToken']):
if anti_csrf_token is None:
raise_try_refresh_token_exception('anti_csrf_token is undefined')
raise_try_refresh_token_exception('anti-csrf check failed')
if not handshake_info.access_token_blacklisting_enabled and \
access_token_info['parentRefreshTokenHash1'] is None:
ProcessState.update_service_called(False)
return {
'session': {
'handle': access_token_info['sessionHandle'],
'userId': access_token_info['userId'],
'userDataInJWT': access_token_info['userData']
}
}
except SuperTokensTryRefreshTokenError:
pass
ProcessState.update_service_called(True)
data = {
'accessToken': access_token,
'doAntiCsrfCheck': do_anti_csrf_check
}
if anti_csrf_token is not None:
data['antiCsrfToken'] = anti_csrf_token
response = await Querier.get_instance().send_post_request(SESSION_VERIFY, data)
if response['status'] == 'OK':
handshake_info = await HandshakeInfo.get_instance()
handshake_info.update_jwt_signing_public_key_info(response['jwtSigningPublicKey'],
response['jwtSigningPublicKeyExpiryTime'])
response.pop('status', None)
response.pop('jwtSigningPublicKey', None)
response.pop('jwtSigningPublicKeyExpiryTime', None)
return response
elif response['status'] == 'UNAUTHORISED':
raise_unauthorised_exception(response['message'])
else:
raise_try_refresh_token_exception(response['message'])
async def refresh_session(refresh_token: str, anti_csrf_token: Union[str, None]):
data = {
'refreshToken': refresh_token
}
if anti_csrf_token is not None:
data['antiCsrfToken'] = anti_csrf_token
response = await Querier.get_instance().send_post_request(SESSION_REFRESH, data)
if response['status'] == 'OK':
response.pop('status', None)
return response
elif response['status'] == 'UNAUTHORISED':
raise_unauthorised_exception(response['message'])
else:
raise_token_theft_exception(
response['session']['userId'],
response['session']['handle'])
