Refresh logic revision

na-stewart · Jun 22, 2024 · 628902e · 628902e
1 parent 54848e5
commit 628902e
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 4 deletions.
diff --git a/sanic_security/authentication.py b/sanic_security/authentication.py
@@ -197,7 +197,8 @@ async def fulfill_second_factor(request: Request) -> AuthenticationSession:
 
 async def authenticate(request: Request) -> AuthenticationSession:
     """
-    Validates client's authentication session and account.
+    Validates client's authentication session and account. If auto refresh is enabled, session property is_refresh will
+    only be true for the first time the refreshed session is returned.
 
     Args:
         request (Request): Sanic request parameter.
@@ -221,7 +222,7 @@ async def authenticate(request: Request) -> AuthenticationSession:
         if not authentication_session.anonymous:
             authentication_session.bearer.validate()
     except ExpiredError as e:
-        if security_config.AUTHENTICATION_REFRESH_AUTO:
+        if security_config.AUTHENTICATION_REFRESH_AUTO: #
             authentication_session = await authentication_session.refresh(request)
             logger.debug("Authentication session has been auto-refreshed.")
         else:

diff --git a/sanic_security/models.py b/sanic_security/models.py
@@ -529,7 +529,7 @@ class AuthenticationSession(Session):
         refresh_expiration_date (bool): Date and time the session can no longer be refreshed.
     """
 
-    is_refresh: bool = fields.BooleanField(default=False)
+    is_refresh: bool = False
     requires_second_factor: bool = fields.BooleanField(default=False)
     refresh_expiration_date: datetime.datetime = fields.DatetimeField(null=True)
 
@@ -568,7 +568,9 @@ async def refresh(self, request: Request):
             ):
                 self.active = False
                 await self.save(update_fields=["active"])
-                return self.new(request, self.bearer, refresh=True)
+                session = await self.new(request, self.bearer)
+                session.is_refresh = True
+                return session
             else:
                 raise e
 

diff --git a/sanic_security/test/tests.py b/sanic_security/test/tests.py
@@ -558,4 +558,5 @@ def test_authentication_refresh(self):
         assert login_response.status_code == 200, login_response.text
         refresh_response = self.client.post("http://127.0.0.1:8000/api/test/auth/refresh")
         assert refresh_response.status_code == 200, refresh_response.text
+        # Authenticate and check is_refresh