incuna-auth

Provides authentication parts.

Project description

Various pieces of useful Auth.

Installation

Install the package:

pip install incuna-auth

Add to your INSTALLED_APPS in settings.py:

INSTALLED_APPS = (
    ...
    incuna_auth,
    ...
)

Add the urls to your ROOT_URLCONF:

urlpatterns = patterns(''
    ...
    url('', include('incuna_auth.urls')),
    ...
)

Add the auth urls in settings.py:

from django.core.urlresolvers import reverse_lazy

...

LOGIN_URL = reverse_lazy('login')
LOGOUT_URL = reverse_lazy('logout')

Add the tables to the db:

python manage.py syncdb

Warning: An initial data fixture is included that creates an admin_sso.Assignment to assign any user with an incuna.com email to the Admin user.

Backend

TODO: Add a run down of the Backend.

Middleware

incuna_auth includes several useful bits of middleware that can be used to enforce authentication in your project.

The middleware is extensible, and compatible with FeinCMS.

There are two main middleware classes that can be straightforwardly installed in your project. To add either of these middlewares, add incuna_auth.middleware.[MiddlewareClassName] to MIDDLEWARE_CLASSES in your project’s settings.

LoginRequiredMiddleware: Enforces that a user must be authenticated in order to access any protected URL.

This middleware’s coverage can be easily customised with the LOGIN_PROTECTED_URLS and LOGIN_EXEMPT_URLS Django settings. If those settings do not exist, the middleware protects every URL apart from settings.LOGIN_URL and settings.LOGOUT_URL; otherwise, it will apply to every URL in LOGIN_PROTECTED_URLS apart from those in LOGIN_EXEMPT_URLS.

FeinCMSLoginRequiredMiddleware: Enforces that a user must be authenticated in order to access a FeinCMS resource with an access_state of STATE_AUTH_ONLY.

Since CMS pages have unpredictable URLs, and it’s desirable to equip them with customisable authentication, LoginRequiredMiddleware by itself is unsuitable for use with FeinCMS. This middleware is intended for use with an extension that adds a new field, access_state, to a FeinCMS Page or similar item. We’ve included a mixin, incuna_auth.models.AccessStateExtensionMixin, that makes creating one of these extensions straightforward.

To use FeinCMSLoginRequiredMiddleware to protect access states other than STATE_AUTH_ONLY, make a subclass of it that overrides its get_protected_states method. You’ll also need to ensure the CUSTOM_STATES attribute of your AccessStateExtensionMixin subclass contains the access states you want to protect.

Customising the middleware system

The middleware system is easily extensible, and there’s a small framework of parent classes behind them to make creating your own similar middlewares straightforward, all in the incuna_auth.middleware.permission module. BasePermissionMiddleware is the base class, and URLPermissionMiddleware and FeinCMSPermissionMiddleware form the backbone of LoginRequiredMiddleware and FeinCMSLoginRequiredMiddleware respectively, together with a mixin that provides an appropriate access-denial condition and error output for enforcing that a user is logged in.

Any middleware class has a core method called process_request, which is called by Django for any request that passes through this middleware. The permission module middleware implements this by first checking if the requested resource should be protected via a method named is_resource_protected, then checking if the request should be allowed to access a protected resource using deny_access_condition. If the request should be disallowed, the middleware executes a method called deny_access which returns an error response (403 or 302 depending on the nature of the request); if the resource is unprotected or the request is allowed, process_request just returns None in order to do nothing. This is standard middleware behaviour.

Project details

Release history Release notifications | RSS feed

10.0.0

May 16, 2020

9.0.0

May 15, 2020

8.1.1

Dec 12, 2017

8.1.0

Jun 21, 2017

8.0.0

May 4, 2017

7.4.0

Mar 21, 2017

7.3.0

Mar 6, 2017

7.2.1

Mar 6, 2017

7.2.0

Mar 6, 2017

7.1.0

Mar 3, 2017

7.0.0

Dec 22, 2016

6.0.0

Dec 13, 2016

5.0.0

Nov 23, 2016

4.4.0

Nov 18, 2016

4.3.0

Oct 28, 2016

4.2.0

Sep 27, 2016

4.1.0

Sep 15, 2016

4.0.0

Jan 29, 2016

3.0.1

Jan 29, 2016

This version

3.0.0

Jun 2, 2015

2.5.0

Apr 30, 2015

2.4.1

Apr 30, 2015

2.4.0

Apr 28, 2015

2.3.6

Feb 4, 2015

2.3.5

Jan 21, 2015

2.3.4

Jan 21, 2015

2.3.3

Jan 21, 2015

2.3.2

Jan 20, 2015

2.3.1

Jan 16, 2015

2.3.0

Jan 15, 2015

2.2.0

Nov 12, 2014

2.1.0

Apr 28, 2014

2.0.2

Apr 17, 2014

2.0.1

Mar 18, 2014

2.0.0

Jan 30, 2014

1.0.0

Aug 19, 2013

0.11

Aug 13, 2013

0.10.4

Jul 31, 2013

0.10.3

Jul 30, 2013

0.10.2

Jul 30, 2013

0.10.1

Jul 30, 2013

0.10.0

Jul 10, 2013

0.9.1

Jun 28, 2013

0.9

Jun 14, 2013

0.8.5

May 30, 2013

0.8.4

May 2, 2013

0.8.3

Apr 5, 2013

0.8.2

Mar 26, 2013

0.8.1

Feb 4, 2013

0.7.2

Nov 8, 2017

0.6.4

Aug 31, 2012

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

incuna-auth-3.0.0.tar.gz (22.9 kB view details)

Uploaded Jun 2, 2015 Source

Built Distribution

incuna_auth-3.0.0-py3-none-any.whl (34.4 kB view details)

Uploaded Jun 2, 2015 Python 3

File details

Details for the file incuna-auth-3.0.0.tar.gz.

File metadata

Download URL: incuna-auth-3.0.0.tar.gz
Upload date: Jun 2, 2015
Size: 22.9 kB
Tags: Source
Uploaded using Trusted Publishing? No

File hashes

Hashes for incuna-auth-3.0.0.tar.gz
Algorithm	Hash digest
SHA256	`f4fe217231b983a64f40363d4bc866e2f9a3c97abb92607dd6b4d3792d839130`
MD5	`8a7293dc7a85d141f43fef3f13fa3d7d`
BLAKE2b-256	`f9d6044bb6e3244e8923d29d98ecdf80932e30e91773237f10c72dd48f89d543`

See more details on using hashes here.

File details

Details for the file incuna_auth-3.0.0-py3-none-any.whl.

File metadata

Download URL: incuna_auth-3.0.0-py3-none-any.whl
Upload date: Jun 2, 2015
Size: 34.4 kB
Tags: Python 3
Uploaded using Trusted Publishing? No

File hashes

Hashes for incuna_auth-3.0.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`46f0b7a5cab8a40ef964f9ea910ae82a0862f6e055d2c61b105678e1a472a62a`
MD5	`104adceaf3a5c14f59f8d0655f617f7e`
BLAKE2b-256	`59dfd5b8d2af5c3eca602610cfda38c8f120b8d73a440accd6123cede43b8c15`