fix: Failing tests in the CI

tests/auth-react/django3x/polls/urls.py

@@ -8,6 +8,7 @@
     path("ping", views.ping, name="ping"),
     path("sessionInfo", views.session_info, name="sessionInfo"),
     path("token", views.token, name="token"),
+    path("deleteUser", views.delete_user_api, name="token"),
     path("test/setFlow", views.test_set_flow, name="setFlow"),
     path("test/getDevice", views.test_get_device, name="getDevice"),
     path("test/featureFlags", views.test_feature_flags, name="featureFlags"),

tests/auth-react/django3x/polls/views.py

@@ -24,6 +24,8 @@
 from supertokens_python.recipe.session import SessionContainer
 from supertokens_python.recipe.session.interfaces import SessionClaimValidator
 from supertokens_python.recipe.userroles import UserRoleClaim, PermissionClaim
+from supertokens_python.syncio import delete_user
+from supertokens_python.recipe.emailpassword.syncio import get_user_by_email
 
 mode = os.environ.get("APP_MODE", "asgi")
 
@@ -146,6 +148,17 @@ def token(request: HttpRequest):
     return JsonResponse({"latestURLWithToken": latest_url_with_token})
 
 
+def delete_user_api(request: HttpRequest):
+    body = json.loads(request.body)
+    if body["rid"] != "emailpassword":
+        return JsonResponse({"message": "Not implemented"}, status_code=400)
+
+    user = get_user_by_email(body["email"])
+    assert user is not None
+    delete_user(user.user_id)
+    return HttpResponse("")
+
+
 def test_get_device(request: HttpRequest):
     pre_auth_session_id = request.GET.get("preAuthSessionId", None)
     if pre_auth_session_id is None:

tests/auth-react/fastapi-server/app.py

@@ -46,6 +46,8 @@
     thirdpartypasswordless,
     userroles,
 )
+from supertokens_python.asyncio import delete_user
+from supertokens_python.recipe.emailpassword.asyncio import get_user_by_email
 from supertokens_python.recipe.dashboard import DashboardRecipe
 from supertokens_python.recipe.emailpassword import EmailPasswordRecipe
 from supertokens_python.recipe.emailpassword.interfaces import (
@@ -1036,6 +1038,18 @@ async def get_token():
     return JSONResponse({"latestURLWithToken": latest_url_with_token})
 
 
+@app.post("/deleteUser")
+async def delete_user_api(request: Request):
+    body = await request.json()
+    if body["rid"] != "emailpassword":
+        return JSONResponse({"message": "Not implemented"}, status_code=400)
+
+    user = await get_user_by_email(body["email"])
+    assert user is not None
+    await delete_user(user.user_id)
+    return PlainTextResponse()
+
+
 @app.get("/unverifyEmail")
 async def unverify_email_api(session_: SessionContainer = Depends(verify_session())):
     await unverify_email(session_.get_user_id())

tests/auth-react/flask-server/app.py

@@ -38,6 +38,8 @@
     thirdpartypasswordless,
     userroles,
 )
+from supertokens_python.syncio import delete_user
+from supertokens_python.recipe.emailpassword.syncio import get_user_by_email
 from supertokens_python.recipe.dashboard import DashboardRecipe
 from supertokens_python.recipe.emailpassword import EmailPasswordRecipe
 from supertokens_python.recipe.emailpassword.interfaces import (
@@ -1041,6 +1043,18 @@ def test_feature_flags():
     return jsonify({"available": available})
 
 
+@app.post("/deleteUser")  # type: ignore
+def delete_user_api():
+    body = request.get_json() or {}
+    if body["rid"] != "emailpassword":
+        return jsonify({"message": "Not implemented"}), 400
+
+    user = get_user_by_email(body["email"])
+    assert user is not None
+    delete_user(user.user_id)
+    return ""
+
+
 @app.get("/unverifyEmail")  # type: ignore
 @verify_session()
 def unverify_email_api():

tests/frontendIntegration/django2x/polls/urls.py

@@ -6,7 +6,7 @@
 urlpatterns = [  # type: ignore
     path("index.html", views.send_file, name="index.html"),  # type: ignore
     path("login", views.login, name="login"),  # type: ignore
-    path("login-2.18", views.login_2_18, name="login"),  # type: ignore
+    path("login-2.18", views.login_2_18, name="login_218"),  # type: ignore
     path("beforeeach", views.before_each, name="beforeeach"),  # type: ignore
     path("testUserConfig", views.test_config, name="testUserConfig"),  # type: ignore
     path(

tests/frontendIntegration/django2x/polls/views.py

@@ -24,6 +24,10 @@
 from supertokens_python import get_all_cors_headers
 from supertokens_python import InputAppInfo, Supertokens, SupertokensConfig, init
 from supertokens_python.framework import BaseRequest, BaseResponse
+from base64 import b64encode
+from supertokens_python.utils import get_timestamp_ms
+from supertokens_python.async_to_sync_wrapper import sync
+from supertokens_python.querier import Querier, NormalisedURLPath
 from supertokens_python.recipe import session
 from supertokens_python.recipe.session import (
     InputErrorHandlers,
@@ -338,12 +342,45 @@ def login(request: HttpRequest):
 
 def login_2_18(request: HttpRequest):
     if request.method == "POST":
+        # This CDI version is no longer supported by this SDK, but
+        # we want to ensure that sessions keep working after the upgrade
+        # We can hard-code the structure of the request&response, since
+        # this is a fixed CDI version and it's not going to change
+
+        Querier.api_version = "2.18"
+
         body = json.loads(request.body)
         user_id = body["userId"]
         payload = body["payload"]
 
-        session_ = create_new_session(request, user_id, payload)
-        return HttpResponse(session_.get_user_id())
+        legacy_session_res = sync(
+            Querier.get_instance().send_post_request(
+                NormalisedURLPath("/recipe/session"),
+                {
+                    "userId": user_id,
+                    "enableAntiCsrf": False,
+                    "userDataInJWT": payload,
+                    "userDataInDatabase": {},
+                },
+            )
+        )
+        Querier.api_version = None
+
+        legacy_access_token = legacy_session_res["accessToken"]["token"]
+        legacy_refresh_token = legacy_session_res["refreshToken"]["token"]
+
+        front_token = json.dumps(
+            {"uid": user_id, "ate": get_timestamp_ms() + 3600000, "up": payload}
+        )
+
+        return JsonResponse(
+            {},
+            headers={
+                "st-access-token": legacy_access_token,
+                "st-refresh-token": legacy_refresh_token,
+                "front-token": b64encode(front_token.encode()).decode(),
+            },
+        )
     else:
         return send_options_api_response()
 

tests/frontendIntegration/django3x/polls/urls.py

@@ -6,7 +6,7 @@
 urlpatterns = [  # type: ignore
     path("index.html", views.send_file, name="index.html"),  # type: ignore
     path("login", views.login, name="login"),  # type: ignore
-    path("login-2.18", views.login, name="login"),  # type: ignore
+    path("login-2.18", views.login_2_18, name="login_218"),  # type: ignore
     path("beforeeach", views.before_each, name="beforeeach"),  # type: ignore
     path("testUserConfig", views.test_config, name="testUserConfig"),  # type: ignore
     path(

tests/frontendIntegration/django3x/polls/views.py

@@ -29,6 +29,9 @@
 from supertokens_python import get_all_cors_headers
 from supertokens_python import InputAppInfo, Supertokens, SupertokensConfig, init
 from supertokens_python.framework import BaseRequest, BaseResponse
+from base64 import b64encode
+from supertokens_python.utils import get_timestamp_ms
+from supertokens_python.querier import Querier, NormalisedURLPath
 from supertokens_python.recipe import session
 from supertokens_python.recipe.session import (
     InputErrorHandlers,
@@ -345,12 +348,43 @@ async def login(request: HttpRequest):
 
 async def login_2_18(request: HttpRequest):
     if request.method == "POST":
+        # This CDI version is no longer supported by this SDK, but
+        # we want to ensure that sessions keep working after the upgrade
+        # We can hard-code the structure of the request&response, since
+        # this is a fixed CDI version and it's not going to change
+
+        Querier.api_version = "2.18"
+
         body = json.loads(request.body)
         user_id = body["userId"]
         payload = body["payload"]
 
-        session_ = await create_new_session(request, user_id, payload)
-        return HttpResponse(session_.get_user_id())
+        legacy_session_res = await Querier.get_instance().send_post_request(
+            NormalisedURLPath("/recipe/session"),
+            {
+                "userId": user_id,
+                "enableAntiCsrf": False,
+                "userDataInJWT": payload,
+                "userDataInDatabase": {},
+            },
+        )
+        Querier.api_version = None
+
+        legacy_access_token = legacy_session_res["accessToken"]["token"]
+        legacy_refresh_token = legacy_session_res["refreshToken"]["token"]
+
+        front_token = json.dumps(
+            {"uid": user_id, "ate": get_timestamp_ms() + 3600000, "up": payload}
+        )
+
+        return JsonResponse(
+            {},
+            headers={
+                "st-access-token": legacy_access_token,
+                "st-refresh-token": legacy_refresh_token,
+                "front-token": b64encode(front_token.encode()).decode(),
+            },
+        )
     else:
         return send_options_api_response()
 

tests/frontendIntegration/fastapi-server/app.py

@@ -29,6 +29,9 @@
     get_all_cors_headers,
     init,
 )
+from base64 import b64encode
+from supertokens_python.utils import get_timestamp_ms
+from supertokens_python.querier import Querier, NormalisedURLPath
 from supertokens_python.framework import BaseRequest, BaseResponse
 from supertokens_python.framework.fastapi import get_middleware
 from supertokens_python.recipe import session
@@ -221,11 +224,41 @@ async def login(request: Request):
 
 @app.post("/login-2.18")
 async def login_2_18(request: Request):
+    # This CDI version is no longer supported by this SDK, but we want to ensure that sessions keep working after the upgrade
+    # We can hard-code the structure of the request&response, since this is a fixed CDI version and it's not going to change
+
+    Querier.api_version = "2.18"
+
     body = await request.json()
     user_id = body["userId"]
     payload = body["payload"]
-    _session = await create_new_session(request, user_id, payload)
-    return PlainTextResponse(content=_session.get_user_id())
+
+    legacy_session_res = await Querier.get_instance().send_post_request(
+        NormalisedURLPath("/recipe/session"),
+        {
+            "userId": user_id,
+            "enableAntiCsrf": False,
+            "userDataInJWT": payload,
+            "userDataInDatabase": {},
+        },
+    )
+    Querier.api_version = None
+
+    legacy_access_token = legacy_session_res["accessToken"]["token"]
+    legacy_refresh_token = legacy_session_res["refreshToken"]["token"]
+
+    front_token = json.dumps(
+        {"uid": user_id, "ate": get_timestamp_ms() + 3600000, "up": payload}
+    )
+
+    return JSONResponse(
+        content={},
+        headers={
+            "st-access-token": legacy_access_token,
+            "st-refresh-token": legacy_refresh_token,
+            "front-token": b64encode(front_token.encode()).decode(),
+        },
+    )
 
 
 @app.options("/beforeeach")

tests/frontendIntegration/flask-server/app.py

@@ -28,6 +28,10 @@
 from flask_cors import CORS
 from supertokens_python import InputAppInfo, Supertokens, SupertokensConfig, init
 from supertokens_python.framework.flask.flask_middleware import Middleware
+from base64 import b64encode
+from supertokens_python.utils import get_timestamp_ms
+from supertokens_python.async_to_sync_wrapper import sync
+from supertokens_python.querier import Querier, NormalisedURLPath
 from supertokens_python.recipe import session
 from supertokens_python.recipe.session import (
     InputErrorHandlers,
@@ -247,11 +251,43 @@ def login():
 
 @app.route("/login-2.18", methods=["POST"])  # type: ignore
 def login_2_18():
-    body: Dict[str, Any] = request.get_json()  # type: ignore
+    # This CDI version is no longer supported by this SDK, but we want to ensure that sessions keep working after the upgrade
+    # We can hard-code the structure of the request&response, since this is a fixed CDI version and it's not going to change
+
+    Querier.api_version = "2.18"
+
+    body = request.json or {}
     user_id = body["userId"]
     payload = body["payload"]
-    _session = create_new_session(request, user_id, payload)
-    return _session.get_user_id()
+
+    legacy_session_res = sync(
+        Querier.get_instance().send_post_request(
+            NormalisedURLPath("/recipe/session"),
+            {
+                "userId": user_id,
+                "enableAntiCsrf": False,
+                "userDataInJWT": payload,
+                "userDataInDatabase": {},
+            },
+        )
+    )
+    Querier.api_version = None
+
+    legacy_access_token = legacy_session_res["accessToken"]["token"]
+    legacy_refresh_token = legacy_session_res["refreshToken"]["token"]
+
+    front_token = json.dumps(
+        {"uid": user_id, "ate": get_timestamp_ms() + 3600000, "up": payload}
+    )
+
+    return Response(
+        "{}",
+        headers={
+            "st-access-token": legacy_access_token,
+            "st-refresh-token": legacy_refresh_token,
+            "front-token": b64encode(front_token.encode()).decode(),
+        },
+    )
 
 
 @app.route("/beforeeach", methods=["OPTIONS"])  # type: ignore