diff options
| author | Michael Merickel <michael@merickel.org> | 2019-12-29 23:29:48 -0600 |
|---|---|---|
| committer | Michael Merickel <michael@merickel.org> | 2019-12-29 23:33:51 -0600 |
| commit | bd8f73be18f8f54daff34debd976a4b81be886aa (patch) | |
| tree | b300830496794c1cbed52063eef4a228fcb2511c /docs/quick_tutorial/authentication | |
| parent | ce48c934046f470f8c32ec98666f484f482f32f0 (diff) | |
| download | pyramid-bd8f73be18f8f54daff34debd976a4b81be886aa.tar.gz pyramid-bd8f73be18f8f54daff34debd976a4b81be886aa.tar.bz2 pyramid-bd8f73be18f8f54daff34debd976a4b81be886aa.zip | |
update authentication and authorization chapters of the quick_tutorial to use the new ISecurityPolicy
Diffstat (limited to 'docs/quick_tutorial/authentication')
| -rw-r--r-- | docs/quick_tutorial/authentication/tutorial/__init__.py | 18 | ||||
| -rw-r--r-- | docs/quick_tutorial/authentication/tutorial/security.py | 27 |
2 files changed, 30 insertions, 15 deletions
diff --git a/docs/quick_tutorial/authentication/tutorial/__init__.py b/docs/quick_tutorial/authentication/tutorial/__init__.py index efc09e760..ec8a66a23 100644 --- a/docs/quick_tutorial/authentication/tutorial/__init__.py +++ b/docs/quick_tutorial/authentication/tutorial/__init__.py @@ -1,25 +1,21 @@ -from pyramid.authentication import AuthTktAuthenticationPolicy -from pyramid.authorization import ACLAuthorizationPolicy from pyramid.config import Configurator -from .security import groupfinder +from .security import SecurityPolicy def main(global_config, **settings): config = Configurator(settings=settings) config.include('pyramid_chameleon') - # Security policies - authn_policy = AuthTktAuthenticationPolicy( - settings['tutorial.secret'], callback=groupfinder, - hashalg='sha512') - authz_policy = ACLAuthorizationPolicy() - config.set_authentication_policy(authn_policy) - config.set_authorization_policy(authz_policy) + config.set_security_policy( + SecurityPolicy( + secret=settings['tutorial.secret'], + ), + ) config.add_route('home', '/') config.add_route('hello', '/howdy') config.add_route('login', '/login') config.add_route('logout', '/logout') config.scan('.views') - return config.make_wsgi_app()
\ No newline at end of file + return config.make_wsgi_app() diff --git a/docs/quick_tutorial/authentication/tutorial/security.py b/docs/quick_tutorial/authentication/tutorial/security.py index e585e2642..acec06e7a 100644 --- a/docs/quick_tutorial/authentication/tutorial/security.py +++ b/docs/quick_tutorial/authentication/tutorial/security.py @@ -1,4 +1,5 @@ import bcrypt +from pyramid.authentication import AuthTktCookieHelper def hash_password(pw): @@ -12,9 +13,27 @@ def check_password(pw, hashed_pw): USERS = {'editor': hash_password('editor'), 'viewer': hash_password('viewer')} -GROUPS = {'editor': ['group:editors']} -def groupfinder(userid, request): - if userid in USERS: - return GROUPS.get(userid, [])
\ No newline at end of file +class SecurityPolicy: + def __init__(self, secret): + self.authtkt = AuthTktCookieHelper( + secret=secret, + hashalg='sha512', + ) + + def identify(self, request): + identity = self.authtkt.identify(request) + if identity is not None and identity['userid'] in USERS: + return identity + + def authenticated_userid(self, request): + identity = self.identify(request) + if identity is not None: + return identity['userid'] + + def remember(self, request, userid, **kw): + return self.authtkt.remember(request, userid, **kw) + + def forget(self, request, **kw): + return self.authtkt.forget(request, **kw) |