Add update password API and askUserToUpdatePasswordOnLogin option

PropelAuth · Feb 15, 2023 · 05d662e · 05d662e
1 parent 17eb4ca
commit 05d662e
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 4 deletions.
diff --git a/propelauth_py/__init__.py b/propelauth_py/__init__.py
@@ -7,7 +7,7 @@
     _fetch_org, _fetch_org_by_query, _fetch_users_by_query, _fetch_users_in_org, _create_user, _update_user_email, \
     _update_user_metadata, _create_magic_link, _migrate_user_from_external_source, _create_org, _add_user_to_org, \
     _delete_user, _disable_user, _enable_user, _allow_org_to_setup_saml_connection, \
-    _disallow_org_to_setup_saml_connection
+    _disallow_org_to_setup_saml_connection, _update_user_password
 from propelauth_py.auth_fns import wrap_validate_access_token_and_get_user, \
     wrap_validate_access_token_and_get_user_with_org, \
     wrap_validate_access_token_and_get_user_with_org_by_minimum_role, \
@@ -47,6 +47,7 @@
     "create_user",
     "update_user_email",
     "update_user_metadata",
+    "update_user_password",
     "create_magic_link",
     "migrate_user_from_external_source",
     "create_org",
@@ -97,8 +98,10 @@ def fetch_users_in_org(org_id, page_size=10, page_number=0, include_orgs=False):
         return _fetch_users_in_org(auth_url, api_key, org_id, page_size, page_number, include_orgs)
 
     def create_user(email, email_confirmed=False, send_email_to_confirm_email_address=True,
+                    ask_user_to_update_password_on_login=False,
                     password=None, username=None, first_name=None, last_name=None):
         return _create_user(auth_url, api_key, email, email_confirmed, send_email_to_confirm_email_address,
+                            ask_user_to_update_password_on_login,
                             password, username, first_name, last_name)
 
     def update_user_email(user_id, new_email, require_email_confirmation):
@@ -107,17 +110,22 @@ def update_user_email(user_id, new_email, require_email_confirmation):
     def update_user_metadata(user_id, username=None, first_name=None, last_name=None):
         return _update_user_metadata(auth_url, api_key, user_id, username, first_name, last_name)
 
+    def update_user_password(user_id, password, ask_user_to_update_password_on_login=False):
+        return _update_user_password(auth_url, api_key, user_id, password, ask_user_to_update_password_on_login)
+
     def create_magic_link(email, redirect_to_url=None, expires_in_hours=None, create_new_user_if_one_doesnt_exist=None):
         return _create_magic_link(auth_url, api_key, email, redirect_to_url, expires_in_hours,
                                   create_new_user_if_one_doesnt_exist)
 
     def migrate_user_from_external_source(email, email_confirmed,
                                           existing_user_id=None, existing_password_hash=None,
                                           existing_mfa_base32_encoded_secret=None,
+                                          ask_user_to_update_password_on_login=False,
                                           enabled=None, first_name=None, last_name=None, username=None):
         return _migrate_user_from_external_source(auth_url, api_key, email, email_confirmed,
                                                   existing_user_id, existing_password_hash,
                                                   existing_mfa_base32_encoded_secret,
+                                                  ask_user_to_update_password_on_login,
                                                   enabled, first_name, last_name, username)
 
     def create_org(name):
@@ -190,6 +198,7 @@ def disallow_org_to_setup_saml_connection(org_id):
         create_user=create_user,
         update_user_email=update_user_email,
         update_user_metadata=update_user_metadata,
+        update_user_password=update_user_password,
         create_magic_link=create_magic_link,
         migrate_user_from_external_source=migrate_user_from_external_source,
         create_org=create_org,

diff --git a/propelauth_py/api.py b/propelauth_py/api.py
@@ -6,7 +6,7 @@
 from requests.auth import AuthBase
 
 from propelauth_py.errors import CreateUserException, UpdateUserMetadataException, UpdateUserEmailException, \
-    BadRequestException
+    BadRequestException, UpdateUserPasswordException
 
 TokenVerificationMetadata = namedtuple("TokenVerificationMetadata", [
     "verifier_key", "issuer"
@@ -203,10 +203,12 @@ def _fetch_users_in_org(auth_url, api_key, org_id, page_size, page_number, inclu
 
 
 def _create_user(auth_url, api_key, email, email_confirmed, send_email_to_confirm_email_address,
+                 ask_user_to_update_password_on_login,
                  password, username, first_name, last_name):
     url = auth_url + "/api/backend/v1/user/"
     json = {"email": email, "email_confirmed": email_confirmed,
-            "send_email_to_confirm_email_address": send_email_to_confirm_email_address}
+            "send_email_to_confirm_email_address": send_email_to_confirm_email_address,
+            "ask_user_to_update_password_on_login": ask_user_to_update_password_on_login}
     if password is not None:
         json["password"] = password
     if username is not None:
@@ -251,6 +253,26 @@ def _update_user_metadata(auth_url, api_key, user_id, username=None, first_name=
 
     return True
 
+def _update_user_password(auth_url, api_key, user_id, password, ask_user_to_update_password_on_login):
+    if not _is_valid_id(user_id):
+        return False
+
+    url = auth_url + "/api/backend/v1/user/{}/password".format(user_id)
+    json = {"password": password}
+    if ask_user_to_update_password_on_login is not None:
+        json["ask_user_to_update_password_on_login"] = ask_user_to_update_password_on_login
+
+    response = requests.put(url, json=json, auth=_ApiKeyAuth(api_key))
+    if response.status_code == 401:
+        raise ValueError("api_key is incorrect")
+    elif response.status_code == 400:
+        raise UpdateUserPasswordException(response.json())
+    elif response.status_code == 404:
+        return False
+    elif not response.ok:
+        raise RuntimeError("Unknown error when updating password")
+
+    return True
 
 def _update_user_email(auth_url, api_key, user_id, new_email, require_email_confirmation):
     if not _is_valid_id(user_id):
@@ -300,6 +322,7 @@ def _create_magic_link(auth_url, api_key, email,
 def _migrate_user_from_external_source(auth_url, api_key, email, email_confirmed,
                                        existing_user_id=None, existing_password_hash=None,
                                        existing_mfa_base32_encoded_secret=None,
+                                       ask_user_to_update_password_on_login=False,
                                        enabled=None, first_name=None, last_name=None, username=None):
     url = auth_url + "/api/backend/v1/migrate_user/"
     json = {
@@ -308,6 +331,7 @@ def _migrate_user_from_external_source(auth_url, api_key, email, email_confirmed
         "existing_user_id": existing_user_id,
         "existing_password_hash": existing_password_hash,
         "existing_mfa_base32_encoded_secret": existing_mfa_base32_encoded_secret,
+        "ask_user_to_update_password_on_login": ask_user_to_update_password_on_login,
         "enabled": enabled,
         "first_name": first_name,
         "last_name": last_name,

diff --git a/propelauth_py/errors.py b/propelauth_py/errors.py
@@ -7,6 +7,9 @@ class UpdateUserMetadataException(Exception):
     def __init__(self, field_to_errors):
         self.field_to_errors = field_to_errors
 
+class UpdateUserPasswordException(Exception):
+    def __init__(self, field_to_errors):
+        self.field_to_errors = field_to_errors
 
 class UpdateUserEmailException(Exception):
     def __init__(self, field_to_errors):

diff --git a/setup.py b/setup.py
@@ -6,7 +6,7 @@
 
 setup(
     name="propelauth-py",
-    version="3.0.0",
+    version="3.0.1",
     description="A python authentication library",
     long_description=README,
     long_description_content_type="text/markdown",