pyramid_fullauth provides full authentication / authorisation implementation for pyramid applications
Project description
pyramid_fullauth
Pyramid fullauth’s provides full user registration and management functionality for pyramid based web applications.
Package resources
Bug tracker: https://github.com/fizyk/pyramid_fullauth/issues
Documentation: http://pyramid-fullauth.readthedocs.org/
Tests
You’ll need: packages defined in extra_requires[tests] to run tests, and then:
py.test
CHANGELOG
1.0.0
[packaging] use setup.cfg to define package metadata nad options
[cleanup] blackify codebase
[enhancement] move CI to github-actions
[breaking] removed dependency on tzf.pyramid_yml and pymlconf. All configuration has to be handled within .ini file now.
[enhancement] refactored route_predicates. Now user_path_hash can handle all user hashes.
[enhancement] Changed default cookie session factory from UnencryptedCookieSessionFactoryConfig to SignedCookieSessionFactory.
[enhancement] Use require_csrf instead of use_csrf view decorator predicate. This raises now 400 http error instead of 401 in case of bad or no csrf token when required.
[enhancement] Set default session serializer as JSONSerializer to comply with pyramid’s 2.0 change
[enhancement] Require minimum pyramid 1.10.
[enhancement] properly lint code through pylint an fix found issues
[security] Set minimum requirement for SQLAlchemy to be at least 1.3.0 to protect against CVE-2019-7164 and CVE-2019-7548
0.6.0
increased the size of password and salt fields to 128 characters each
default password hashing algorithm is sha256
0.5.0
full python3 compatibility, since velruse migrated to py3 enabled requests-oauth
require velruse 1.1.1
run tests with sqlalchemy 1.0.x
small updates to conform with new linters versions embedded in pylama
0.4.1
fixed spelling for error message when user does not exist while trying to reset password.
require pyramid_basemodel at least version 0.3
0.4.0
python 3 compatibility (without oauth2 though)
cleared use of deprecated function pyramid.security.authenticated_userid in favour of pyramid.request.Request.authenticated_userid attribute.
make email fields case insensitive by using hybrid properties and CaseInsensitive comparator for model.
0.3.3
Fix issue where groupfined was returning empty list instead of None when user did not existed
0.3.2
catch all HTTPRedirect instead of just HTTPFound.
redirect with HTTPSeeOther instead of HTTPFound where applicable.
0.3.1
fixes MANIFEST.in to include yaml files - fixes #33.
0.3.0
Features
configure root factory if it hasn’t been already done
configure session factory only if it hasn’t been configured before
configure authorization policy only if it hasn’t been configured before
configure authentication policy only if it hasn’t been configured before
logged in user will be redirected always away from login page
views reorganisation - grouping by their function
replaced force_logout decorator with logout request method
small login view simplification
tests
rewritten tests to use pytest_pyramid
unified session with pyramid_basemodel’s
parametrize tests against two most recent pyramid versions and sqlalchemy
- turned on pylama to check code with linters:
pep8
pep257
pyflakes
mccabe
add pytest-dbfixtures, and run tests against postgresql and mysql as well
drop python 2.6 from tests
100% test coverage
0.2.3
weaker pyramid_yml requirements. Use registry['config'] instead of request.config which gets added only when explicitly including tzf.pyramid_yml package.
remove default_config with permission set for forbidden views. Throwning errors in pyramid 1.5a3
remove lazy=’load’ for relationship between AuthenticationProvider and User models as it was incorrect. Fixes error while using with sqlalchemy 0.9
0.2.2
copy all headers when login user. fixes issue, when headers set in AfterLogin event would not get passed
0.2.1
fixed csrf_check in password:reset:continue action
updated translation files
0.2.0
migrated tests to py.test
removed nose and lxml from test requirements
extracted UserEmailMixin from User model
validation exception improvements
set licensing to MIT License
fixed general error message for register_POST processing
activate action no longer gives 404 error after first use. Default is message about token being invalid or used [veronicazgirvaci]
- extending csrf_check predicate:
Can be turned on/off in settings.
Failed check rises 401 Unauthorised error
Backwards Incompatibilities
token variable is changed into csrf_token in fullatuh views
view no longer returns error messages on failed csrf token. Rises 401 Unauthorised error instead.
0.1.0
add localize to requirements. Ability to translate registerlogin communicates
ability to set custom session factory [with Veronica Zgirvaci help]
moved password validation to one place
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pyramid_fullauth-1.0.0.tar.gz
.
File metadata
- Download URL: pyramid_fullauth-1.0.0.tar.gz
- Upload date:
- Size: 29.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.25.1 setuptools/53.0.0 requests-toolbelt/0.9.1 tqdm/4.56.0 CPython/3.9.1
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | f47f57891b4549c5de07ec7cb744407812588ea90305ebc848ae587a64c84e57 |
|
MD5 | 7b85295cc4207c56496cfb643926ef58 |
|
BLAKE2b-256 | ff3bf102c83e33b66f435b0f1541bdd3342906e93ddb9a6de47c361386b646a0 |
File details
Details for the file pyramid_fullauth-1.0.0-py3-none-any.whl
.
File metadata
- Download URL: pyramid_fullauth-1.0.0-py3-none-any.whl
- Upload date:
- Size: 44.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.7.0 requests/2.25.1 setuptools/53.0.0 requests-toolbelt/0.9.1 tqdm/4.56.0 CPython/3.9.1
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8c93c381744e84779f86eef75fe90352c70a4c7ed5beefe0649faec04ce90fcc |
|
MD5 | 2e91d1ba3735544153d3612cd151f50b |
|
BLAKE2b-256 | 08a0ba21e993178797d667285f1e1116ccd965c9ad9930cf7a1e76328c4fe9b3 |