Skip to main content

pyramid_whoauth

Project description

An authentication policy for Pyramid that uses the repoze.who v2 API.

Overview

This plugin allows you to configure a repoze.who authentication stack as a pyramid authentication policy. It takes a repoze.who API factory and turns it into an pyramid IAuthenticationPolicy:

from repoze.who.config import make_api_factory_with_config

api_factory = make_api_factory_with_config(global_conf, "etc/who.ini")
authn_policy = WhoAuthenticationPolicy(api_factory)
config.set_authentication_policy(authn_policy)

This will load the repoze.who configuration from the specified config file and hook it into Pyramid.

The advantage of using pyramid_whoauth instead of the repoze.who middleware is that authentication is only performed when your application explicitly requests it using e.g. pyramid’s authenticated_userid() function.

For convenience, you can also specify all of the repoze.who configuration settings as part of your paster deployment settings. For example, you might have the following:

[app:pyramidapp]
use = egg:mypyramidapp

who.plugin.basicauth.use = repoze.who.plugins.basicauth:make_plugin
who.plugin.basicauth.realm = MyRealm

who.plugin.authtkt.use = repoze.who.plugins.auth_tkt:make_plugin
who.plugin.authtkt.secret = Oh So Secret!

who.identifiers.plugins = authtkt basicauth
who.authenticators.plugins = authtkt basicauth
who.challengers.plugins = basicauth

This configures repoze.who to use the “basicauth” and “auth_tkt” plugins, using pyramid’s dotted-settings style rather than the repoze.who config file. Then it is a simple matter of including the pyramid_whoauth module into your configurator:

config.include("pyramid_whoauth")

In addition to configuring the repoze.who API factory from the given settings, this will also set up some extra conveniences for your application:

  • a forbidden view that challenges for credentials via repoze.who

  • a login view that authenticates any credentials submitted via POST

  • a logout view that sends forget headers when accessed

  • a tween that calls the repoze.who “remember” method for each response

0.1.2 - 2012-05-28

  • Place the tween directly above the EXCVIEW tween. This will help ensure it is underneath other unrelated tweens, so they will not see the ApplicationRedirectException being thrown.

0.1.1 - 2012-01-30

  • Update to MPL 2.0

0.1.0 - 2011-11-11

  • Initial release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_whoauth-0.1.2.tar.gz (10.6 kB view details)

Uploaded Source

File details

Details for the file pyramid_whoauth-0.1.2.tar.gz.

File metadata

File hashes

Hashes for pyramid_whoauth-0.1.2.tar.gz
Algorithm Hash digest
SHA256 fb167551b49dd5d285b445c14ec3b434bccebb227a54ab3c801b1a2e28cc9eb4
MD5 64c52669ab144dca3c38bed76ee36db9
BLAKE2b-256 c05a12dc24d75a4ae71376da43ea148b0fcdea144447128ccc9ab07b4ce3254f

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page