Merge pull request #533 from supertokens/removing-overwrite-session-flag

removes overwrite session flag
supertokens · Oct 15, 2024 · 5ddcd16 · 5ddcd16
2 parents 5236c14 + b106a0d
commit 5ddcd16
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 36 deletions.
diff --git a/supertokens_python/auth_utils.py b/supertokens_python/auth_utils.py
@@ -21,7 +21,6 @@
 )
 from supertokens_python.recipe.multitenancy.asyncio import associate_user_to_tenant
 from supertokens_python.recipe.session.interfaces import SessionContainer
-from supertokens_python.recipe.session.recipe import SessionRecipe
 from supertokens_python.recipe.session.asyncio import create_new_session, get_session
 from supertokens_python.recipe.thirdparty.types import ThirdPartyInfo
 from supertokens_python.types import (
@@ -249,17 +248,13 @@ async def post_auth_checks(
             # If the new user wasn't linked to the current one, we check the config and overwrite the session if required
             # Note: we could also get here if MFA is enabled, but the app didn't want to link the user to the session user.
             # This is intentional, since the MFA and overwriteSessionDuringSignInUp configs should work independently.
-            overwrite_session_during_sign_in_up = (
-                SessionRecipe.get_instance().config.overwrite_session_during_sign_in_up
+            resp_session = await create_new_session(
+                request, tenant_id, recipe_user_id, {}, {}, user_context
             )
-            if overwrite_session_during_sign_in_up:
-                resp_session = await create_new_session(
-                    request, tenant_id, recipe_user_id, {}, {}, user_context
+            if mfa_instance is not None:
+                await mark_factor_as_complete_in_session(
+                    resp_session, factor_id, user_context
                 )
-                if mfa_instance is not None:
-                    await mark_factor_as_complete_in_session(
-                        resp_session, factor_id, user_context
-                    )
     else:
         log_debug_message("postAuthChecks creating session for first factor sign in/up")
         # If there is no input session, we do not need to do anything other checks and create a new session
@@ -993,14 +988,7 @@ async def load_session_in_auth_api_if_needed(
     user_context: Dict[str, Any],
 ) -> Optional[SessionContainer]:
 
-    overwrite_session_during_sign_in_up = (
-        SessionRecipe.get_instance().config.overwrite_session_during_sign_in_up
-    )
-
-    if (
-        should_try_linking_with_session_user is not False
-        or not overwrite_session_during_sign_in_up
-    ):
+    if should_try_linking_with_session_user is not False:
         return await get_session(
             request,
             session_required=should_try_linking_with_session_user is True,

diff --git a/supertokens_python/recipe/session/__init__.py b/supertokens_python/recipe/session/__init__.py
@@ -52,7 +52,6 @@ def init(
     use_dynamic_access_token_signing_key: Union[bool, None] = None,
     expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
     jwks_refresh_interval_sec: Union[int, None] = None,
-    overwrite_session_during_sign_in_up: Union[bool, None] = None,
 ) -> Callable[[AppInfo], RecipeModule]:
     return SessionRecipe.init(
         cookie_domain,
@@ -68,5 +67,4 @@ def init(
         use_dynamic_access_token_signing_key,
         expose_access_token_to_frontend_in_cookie_based_auth,
         jwks_refresh_interval_sec,
-        overwrite_session_during_sign_in_up,
     )
diff --git a/supertokens_python/recipe/session/recipe.py b/supertokens_python/recipe/session/recipe.py
@@ -93,7 +93,6 @@ def __init__(
         use_dynamic_access_token_signing_key: Union[bool, None] = None,
         expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
         jwks_refresh_interval_sec: Union[int, None] = None,
-        overwrite_session_during_sign_in_up: Union[bool, None] = None,
     ):
         super().__init__(recipe_id, app_info)
         self.config = validate_and_normalise_user_input(
@@ -111,7 +110,6 @@ def __init__(
             use_dynamic_access_token_signing_key,
             expose_access_token_to_frontend_in_cookie_based_auth,
             jwks_refresh_interval_sec,
-            overwrite_session_during_sign_in_up,
         )
         self.openid_recipe = OpenIdRecipe(
             recipe_id,
@@ -312,7 +310,6 @@ def init(
         use_dynamic_access_token_signing_key: Union[bool, None] = None,
         expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
         jwks_refresh_interval_sec: Union[int, None] = None,
-        overwrite_session_during_sign_in_up: Union[bool, None] = None,
     ):
         def func(app_info: AppInfo):
             if SessionRecipe.__instance is None:
@@ -332,7 +329,6 @@ def func(app_info: AppInfo):
                     use_dynamic_access_token_signing_key,
                     expose_access_token_to_frontend_in_cookie_based_auth,
                     jwks_refresh_interval_sec,
-                    overwrite_session_during_sign_in_up,
                 )
                 return SessionRecipe.__instance
             raise_general_exception(

diff --git a/supertokens_python/recipe/session/utils.py b/supertokens_python/recipe/session/utils.py
@@ -391,7 +391,6 @@ def __init__(
         use_dynamic_access_token_signing_key: bool,
         expose_access_token_to_frontend_in_cookie_based_auth: bool,
         jwks_refresh_interval_sec: int,
-        overwrite_session_during_sign_in_up: bool,
     ):
         self.session_expired_status_code = session_expired_status_code
         self.invalid_claim_status_code = invalid_claim_status_code
@@ -412,7 +411,6 @@ def __init__(
         self.framework = framework
         self.mode = mode
         self.jwks_refresh_interval_sec = jwks_refresh_interval_sec
-        self.overwrite_session_during_sign_in_up = overwrite_session_during_sign_in_up
 
 
 def validate_and_normalise_user_input(
@@ -436,7 +434,6 @@ def validate_and_normalise_user_input(
     use_dynamic_access_token_signing_key: Union[bool, None] = None,
     expose_access_token_to_frontend_in_cookie_based_auth: Union[bool, None] = None,
     jwks_refresh_interval_sec: Union[int, None] = None,
-    overwrite_session_during_sign_in_up: Union[bool, None] = None,
 ):
     _ = cookie_same_site  # we have this otherwise pylint complains that cookie_same_site is unused, but it is being used in the get_cookie_same_site function.
     if anti_csrf not in {"VIA_TOKEN", "VIA_CUSTOM_HEADER", "NONE", None}:
@@ -564,11 +561,6 @@ def anti_csrf_function(
         use_dynamic_access_token_signing_key,
         expose_access_token_to_frontend_in_cookie_based_auth,
         jwks_refresh_interval_sec,
-        (
-            overwrite_session_during_sign_in_up
-            if overwrite_session_during_sign_in_up is not None
-            else False
-        ),
     )
 
 

diff --git a/tests/test-server/app.py b/tests/test-server/app.py
@@ -301,9 +301,6 @@ async def custom_unauthorised_callback(
                     use_dynamic_access_token_signing_key=recipe_config_json.get(
                         "useDynamicAccessTokenSigningKey"
                     ),
-                    overwrite_session_during_sign_in_up=recipe_config_json.get(
-                        "overwriteSessionDuringSignInUp", None
-                    ),
                     override=session.InputOverrideConfig(
                         apis=override_builder_with_logging(
                             "Session.override.apis",
@@ -703,7 +700,7 @@ def override_params():
 
 @app.route("/test/featureflag", methods=["GET"])  # type: ignore
 def feature_flag():
-    return jsonify([])
+    return jsonify(["removedOverwriteSessionDuringSignInUp"])
 
 
 @app.route("/test/resetoverrideparams", methods=["POST"])  # type: ignore