diff options
| author | Steve Piercy <web@stevepiercy.com> | 2020-01-13 01:51:37 -0800 |
|---|---|---|
| committer | Steve Piercy <web@stevepiercy.com> | 2020-01-13 01:51:37 -0800 |
| commit | 459b0c7051f5a0c4e4ef7adf1e51e3548dba6b39 (patch) | |
| tree | 6629829d0d66756d19ed2633973092a370dabf47 /docs/tutorials/wiki2/authentication.rst | |
| parent | 05f9ff6e2d1d89af68a70ab52894f6575377f78a (diff) | |
| download | pyramid-459b0c7051f5a0c4e4ef7adf1e51e3548dba6b39.tar.gz pyramid-459b0c7051f5a0c4e4ef7adf1e51e3548dba6b39.tar.bz2 pyramid-459b0c7051f5a0c4e4ef7adf1e51e3548dba6b39.zip | |
Use reST numbered list syntax, not markdown
Diffstat (limited to 'docs/tutorials/wiki2/authentication.rst')
| -rw-r--r-- | docs/tutorials/wiki2/authentication.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/docs/tutorials/wiki2/authentication.rst b/docs/tutorials/wiki2/authentication.rst index 5e0077b20..25240b191 100644 --- a/docs/tutorials/wiki2/authentication.rst +++ b/docs/tutorials/wiki2/authentication.rst @@ -49,20 +49,20 @@ Here we've defined: Our new :term:`security policy` defines how our application will remember, forget, and identify users. It also handles authorization, which we'll cover in the next chapter (if you're wondering why we didn't implement the ``permits`` method yet). -Identifying the current user is done in a couple steps: +Identifying the current user is done in a few steps: -1. :app:`Pyramid` invokes a method on the policy requesting identity, userid, or permission to perform an operation. +#. :app:`Pyramid` invokes a method on the policy requesting identity, userid, or permission to perform an operation. -1. The policy starts by calling :meth:`pyramid.request.RequestLocalCache.get_or_create` to load the identity. +#. The policy starts by calling :meth:`pyramid.request.RequestLocalCache.get_or_create` to load the identity. -1. The ``MySecurityPolicy.load_identity`` method asks the cookie helper to pull the identity from the request. +#. The ``MySecurityPolicy.load_identity`` method asks the cookie helper to pull the identity from the request. This value is ``None`` if the cookie is missing or the content cannot be verified. -1. The policy then translates the identity into a ``tutorial.models.User`` object by looking for a record in the database. +#. The policy then translates the identity into a ``tutorial.models.User`` object by looking for a record in the database. This is a good spot to confirm that the user is actually allowed to access our application. For example, maybe they were marked deleted or banned and we should return ``None`` instead of the ``user`` object. -1. The result is stored in the ``identity_cache`` which ensures that subsequent invocations return the same identity object for the request. +#. The result is stored in the ``identity_cache`` which ensures that subsequent invocations return the same identity object for the request. Finally, :attr:`pyramid.request.Request.authenticated_identity` contains either ``None`` or a ``tutorial.models.User`` instance and that value is aliased to ``request.user`` for convenience in our application. |