| author | Michael Merickel <michael@merickel.org> | 2019-12-23 14:14:48 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-23 14:14:48 -0600 |
| commit | 323cfbb45e6ee4b7462bbea9dcaa4e8258dd74f6 | |
| tree | c1b2565b27da44efefdab57294f78025ebad53e1 /docs/whatsnew-2.0.rst | |
| parent | 912dc539ca793959d7465995f906279dad21ccc9 | |
| parent | e46d009954e89be393d748b9e97b1202ece3eafe | |
Merge pull request #3545 from luhn/authenticated-userid
Security policy changes
Diffstat (limited to 'docs/whatsnew-2.0.rst')
| -rw-r--r-- | docs/whatsnew-2.0.rst | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/docs/whatsnew-2.0.rst b/docs/whatsnew-2.0.rst index ec506894e..d5f825c43 100644 --- a/docs/whatsnew-2.0.rst +++ b/docs/whatsnew-2.0.rst @@ -40,15 +40,15 @@ The new security policy should implement ``security_policy`` argument of :class:`pyramid.config.Configurator` or :meth:`pyramid.config.Configurator.set_security_policy`. +The policy contains ``authenticated_userid`` and ``remember``, +with the same method signatures as in the legacy authentication policy. It +also contains ``forget``, but now with keyword arguments in the method +signature. + The new security policy adds the concept of an :term:`identity`, which is an object representing the user associated with the current request. The identity can be accessed via :attr:`pyramid.request.Request.authenticated_identity`. -The object can be of any shape, such as a simple ID string or an ORM object, -but should implement a ``__str__`` method that returns a string identifying the -current user, e.g. the ID of the user object in a database. The string -representation is return as -:attr:`pyramid.request.Request.authenticated_userid`. -(:attr:`pyramid.request.Request.unauthenticated_userid` has been deprecated.) +The object can be of any shape, such as a simple ID string or an ORM object. The concept of :term:`principals <principal>` has been removed; the ``permits`` method is passed an identity object. This change gives much more 
@@ -94,10 +94,5 @@ normal, as well as all related :class:`pyramid.request.Request` properties. The new :attr:`pyramid.request.Request.authenticated_identity` property will output the same result as :attr:`pyramid.request.Request.authenticated_userid`. -If using a security policy, -:attr:`pyramid.request.Request.unauthenticated_userid` and -:attr:`pyramid.request.Request.authenticated_userid` will both return the -string representation of the :term:`identity`. -:attr:`pyramid.request.Request.effective_principals` will always return a -one-element list containing the :data:`pyramid.security.Everyone` principal, as -there is no equivalent in the new security policy. +If using a security policy, :attr:`pyramid.request.Request.unauthenticated_userid` will return the same value as :attr:`pyramid.request.Request.authenticated_userid`. +:attr:`pyramid.request.Request.effective_principals` will always return a one-element list containing the :data:`pyramid.security.Everyone` principal, as there is no equivalent in the new security policy. |
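Review bot: In the first hunk (@@ -40,15 +40,15 @@), the added paragraph lists ``authenticated_userid`` as a policy method, but with the ``__str__`` sentences removed nothing says how its return value should relate to :attr:`pyramid.request.Request.authenticated_identity`. Since the userid is no longer described as the identity's string representation, suggest one sentence stating that the policy is responsible for keeping the two consistent, so that code keyed on the userid and code keyed on the identity cannot disagree about who the user is. The same paragraph says ``forget`` now takes keyword arguments without naming them; showing the signature would help people migrating a legacy policy. The removed "(... ``unauthenticated_userid`` has been deprecated.)" sentence has no replacement anywhere in this patch, so the deprecation should be restated if it still holds.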
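Review bot: In the second hunk (@@ -94,10 +94,5 @@), the sentence that ``effective_principals`` always returns only ``Everyone`` under a security policy needs an explicit migration warning next to it: application code that tests membership in ``effective_principals`` to make an access decision will keep running but will never see the authenticated user. Suggest adding a sentence that directs such checks to the policy's ``permits`` method, which the first hunk's context says receives the identity. The unchanged sentence just above, that ``authenticated_identity`` outputs the same result as ``authenticated_userid``, reads as a general statement once it is followed by "If using a security policy"; it would be clearer to say it applies only when no security policy is in use. As a style point, the two added lines are unwrapped while the lines they replace were wrapped; rewrap them to match the rest of the file.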
