From 801adfb060911b92f9787ec6517250436b1373be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Domen=20Ko=C5=BEar?= <domen@dev.si>
Date: Sun, 23 Sep 2012 18:01:46 +0200
Subject: Add SHA512AuthTktAuthenticationPolicy and deprecate
 AuthTktAuthenticationPolicy

---
 docs/api/authentication.rst | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'docs')

diff --git a/docs/api/authentication.rst b/docs/api/authentication.rst
index 5d4dbd9e3..ed96e9c98 100644
--- a/docs/api/authentication.rst
+++ b/docs/api/authentication.rst
@@ -8,6 +8,8 @@ Authentication Policies
 
 .. automodule:: pyramid.authentication
 
+  .. autoclass:: SHA512AuthTktAuthenticationPolicy
+
   .. autoclass:: AuthTktAuthenticationPolicy
 
   .. autoclass:: RepozeWho1AuthenticationPolicy
-- 
cgit v1.2.3


From 41b7db829af0700c0b02185067db5b2ffd3e43f1 Mon Sep 17 00:00:00 2001
From: Michael Merickel <michael@merickel.org>
Date: Tue, 30 Oct 2012 02:24:43 -0500
Subject: updated authentication policy api documentation

---
 docs/api/authentication.rst | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'docs')

diff --git a/docs/api/authentication.rst b/docs/api/authentication.rst
index 587026a3b..19d08618b 100644
--- a/docs/api/authentication.rst
+++ b/docs/api/authentication.rst
@@ -9,14 +9,24 @@ Authentication Policies
 .. automodule:: pyramid.authentication
 
   .. autoclass:: AuthTktAuthenticationPolicy
+     :members:
+     :inherited-members:
 
   .. autoclass:: RemoteUserAuthenticationPolicy
+     :members:
+     :inherited-members:
 
   .. autoclass:: SessionAuthenticationPolicy
+     :members:
+     :inherited-members:
 
   .. autoclass:: BasicAuthAuthenticationPolicy
+     :members:
+     :inherited-members:
 
   .. autoclass:: RepozeWho1AuthenticationPolicy
+     :members:
+     :inherited-members:
 
 Helper Classes
 ~~~~~~~~~~~~~~
-- 
cgit v1.2.3


From a2b3e2847ba6e09bf24c1e455dda96b35a090b50 Mon Sep 17 00:00:00 2001
From: Carlos de la Guardia <cguardia@yahoo.com>
Date: Fri, 2 Nov 2012 00:06:58 -0600
Subject: typo

---
 docs/narr/renderers.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'docs')

diff --git a/docs/narr/renderers.rst b/docs/narr/renderers.rst
index 63287e2cd..1158d2225 100644
--- a/docs/narr/renderers.rst
+++ b/docs/narr/renderers.rst
@@ -329,7 +329,7 @@ time "by hand".  Configure a JSONP renderer using the
 Once this renderer is registered via
 :meth:`~pyramid.config.Configurator.add_renderer` as above, you can use
 ``jsonp`` as the ``renderer=`` parameter to ``@view_config`` or
-:meth:`pyramid.config.Configurator.add_view``:
+:meth:`pyramid.config.Configurator.add_view`:
 
 .. code-block:: python
 
-- 
cgit v1.2.3


From 76430b07f199cdbdbd19f463367c72eda1b537c3 Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@plope.com>
Date: Fri, 2 Nov 2012 13:13:26 -0400
Subject: explain csrf token stealing potentiality

---
 docs/narr/sessions.rst | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'docs')

diff --git a/docs/narr/sessions.rst b/docs/narr/sessions.rst
index 1aa1b6341..f7da7838e 100644
--- a/docs/narr/sessions.rst
+++ b/docs/narr/sessions.rst
@@ -63,10 +63,15 @@ application by using the ``session_factory`` argument to the
    this implementation is, by default, *unencrypted*.  You should not use it
    when you keep sensitive information in the session object, as the
    information can be easily read by both users of your application and third
-   parties who have access to your users' network traffic.  Use a different
-   session factory implementation (preferably one which keeps session data on
-   the server) for anything but the most basic of applications where "session
-   security doesn't matter".
+   parties who have access to your users' network traffic.  And if you use this
+   sessioning implementation, and you inadvertently create a cross-site
+   scripting vulnerability in your application, because the session data is
+   stored unencrypted in a cookie, it will also be easier for evildoers to
+   obtain the current user's cross-site scripting token.  In short, use a
+   different session factory implementation (preferably one which keeps session
+   data on the server) for anything but the most basic of applications where
+   "session security doesn't matter", and you are sure your application has no
+   cross-site scripting vulnerabilities.
 
 .. index::
    single: session object
-- 
cgit v1.2.3


From 04875452db1da40bd8ed0841869d511b8d86527d Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@plope.com>
Date: Sun, 4 Nov 2012 01:51:42 -0500
Subject: fix docs, upgrade tutorials, add change note, deprecate using
 zope.deprecation instead of a warning, make hashalg arg a kwarg in certain
 cases in case someone (maybe me) is using nonapi function imports from
 authentication

---
 docs/api/authentication.rst                            |  2 ++
 docs/narr/security.rst                                 |  4 ++--
 docs/tutorials/wiki/authorization.rst                  | 18 +++++++++---------
 .../wiki/src/authorization/tutorial/__init__.py        |  6 +++---
 docs/tutorials/wiki/src/tests/tutorial/__init__.py     |  6 +++---
 docs/tutorials/wiki2/authorization.rst                 | 18 +++++++++---------
 .../wiki2/src/authorization/tutorial/__init__.py       |  4 ++--
 docs/tutorials/wiki2/src/tests/tutorial/__init__.py    |  4 ++--
 8 files changed, 32 insertions(+), 30 deletions(-)

(limited to 'docs')

diff --git a/docs/api/authentication.rst b/docs/api/authentication.rst
index e6ee5658b..49ee405eb 100644
--- a/docs/api/authentication.rst
+++ b/docs/api/authentication.rst
@@ -9,6 +9,8 @@ Authentication Policies
 .. automodule:: pyramid.authentication
 
   .. autoclass:: SHA512AuthTktAuthenticationPolicy
+     :members:
+     :inherited-members:
 
   .. autoclass:: AuthTktAuthenticationPolicy
      :members:
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 07ec0f21e..3c9759e6c 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -90,9 +90,9 @@ For example:
    :linenos:
 
    from pyramid.config import Configurator
-   from pyramid.authentication import AuthTktAuthenticationPolicy
+   from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
    from pyramid.authorization import ACLAuthorizationPolicy
-   authentication_policy = AuthTktAuthenticationPolicy('seekrit')
+   authentication_policy = SHA512AuthTktAuthenticationPolicy('seekrit')
    authorization_policy = ACLAuthorizationPolicy()
    config = Configurator()
    config.set_authentication_policy(authentication_policy)
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index 9e0bf0f09..e2c4637d7 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -134,15 +134,15 @@ Now add those policies to the configuration:
 
 (Only the highlighted lines need to be added.)
 
-We are enabling an ``AuthTktAuthenticationPolicy``, it is based in an auth
-ticket that may be included in the request,  and an ``ACLAuthorizationPolicy``
-that uses an ACL to determine the allow or deny outcome for a view.
-
-Note that the
-:class:`pyramid.authentication.AuthTktAuthenticationPolicy` constructor
-accepts two arguments: ``secret`` and ``callback``.  ``secret`` is a string
-representing an encryption key used by the "authentication ticket" machinery
-represented by this policy: it is required.  The ``callback`` is the
+We are enabling an ``SHA512AuthTktAuthenticationPolicy``, it is based in an
+auth ticket that may be included in the request, and an
+``ACLAuthorizationPolicy`` that uses an ACL to determine the allow or deny
+outcome for a view.
+
+Note that the :class:`pyramid.authentication.SHA512AuthTktAuthenticationPolicy`
+constructor accepts two arguments: ``secret`` and ``callback``.  ``secret`` is
+a string representing an encryption key used by the "authentication ticket"
+machinery represented by this policy: it is required.  The ``callback`` is the
 ``groupfinder()`` function that we created before.
 
 Add permission declarations
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
index 6989145d8..4c766fea2 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
@@ -1,7 +1,7 @@
 from pyramid.config import Configurator
 from pyramid_zodbconn import get_connection
 
-from pyramid.authentication import AuthTktAuthenticationPolicy
+from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from .models import appmaker
@@ -14,8 +14,8 @@ def root_factory(request):
 def main(global_config, **settings):
     """ This function returns a WSGI application.
     """
-    authn_policy = AuthTktAuthenticationPolicy(secret='sosecret',
-                                               callback=groupfinder)
+    authn_policy = SHA512AuthTktAuthenticationPolicy(secret='sosecret',
+                                                     callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(root_factory=root_factory, settings=settings)
     config.set_authentication_policy(authn_policy)
diff --git a/docs/tutorials/wiki/src/tests/tutorial/__init__.py b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
index 6989145d8..4c766fea2 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
@@ -1,7 +1,7 @@
 from pyramid.config import Configurator
 from pyramid_zodbconn import get_connection
 
-from pyramid.authentication import AuthTktAuthenticationPolicy
+from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from .models import appmaker
@@ -14,8 +14,8 @@ def root_factory(request):
 def main(global_config, **settings):
     """ This function returns a WSGI application.
     """
-    authn_policy = AuthTktAuthenticationPolicy(secret='sosecret',
-                                               callback=groupfinder)
+    authn_policy = SHA512AuthTktAuthenticationPolicy(secret='sosecret',
+                                                     callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(root_factory=root_factory, settings=settings)
     config.set_authentication_policy(authn_policy)
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index 6b2d44410..e3087dea5 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -151,15 +151,15 @@ Now add those policies to the configuration:
 
 (Only the highlighted lines need to be added.)
 
-We are enabling an ``AuthTktAuthenticationPolicy``, it is based in an auth
-ticket that may be included in the request,  and an ``ACLAuthorizationPolicy``
-that uses an ACL to determine the allow or deny outcome for a view.
-
-Note that the
-:class:`pyramid.authentication.AuthTktAuthenticationPolicy` constructor
-accepts two arguments: ``secret`` and ``callback``.  ``secret`` is a string
-representing an encryption key used by the "authentication ticket" machinery
-represented by this policy: it is required.  The ``callback`` is the
+We are enabling an ``SHA512AuthTktAuthenticationPolicy``, it is based in an
+auth ticket that may be included in the request, and an
+``ACLAuthorizationPolicy`` that uses an ACL to determine the allow or deny
+outcome for a view.
+
+Note that the :class:`pyramid.authentication.SHA512AuthTktAuthenticationPolicy`
+constructor accepts two arguments: ``secret`` and ``callback``.  ``secret`` is
+a string representing an encryption key used by the "authentication ticket"
+machinery represented by this policy: it is required.  The ``callback`` is the
 ``groupfinder()`` function that we created before.
 
 Add permission declarations
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
index 8922a3cc0..585cdf884 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
@@ -1,5 +1,5 @@
 from pyramid.config import Configurator
-from pyramid.authentication import AuthTktAuthenticationPolicy
+from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from sqlalchemy import engine_from_config
@@ -17,7 +17,7 @@ def main(global_config, **settings):
     engine = engine_from_config(settings, 'sqlalchemy.')
     DBSession.configure(bind=engine)
     Base.metadata.bind = engine
-    authn_policy = AuthTktAuthenticationPolicy(
+    authn_policy = SHA512AuthTktAuthenticationPolicy(
         'sosecret', callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
index 8922a3cc0..585cdf884 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
@@ -1,5 +1,5 @@
 from pyramid.config import Configurator
-from pyramid.authentication import AuthTktAuthenticationPolicy
+from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from sqlalchemy import engine_from_config
@@ -17,7 +17,7 @@ def main(global_config, **settings):
     engine = engine_from_config(settings, 'sqlalchemy.')
     DBSession.configure(bind=engine)
     Base.metadata.bind = engine
-    authn_policy = AuthTktAuthenticationPolicy(
+    authn_policy = SHA512AuthTktAuthenticationPolicy(
         'sosecret', callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
-- 
cgit v1.2.3


From 19b8207ff1e959669d296407ed112545364a495d Mon Sep 17 00:00:00 2001
From: Michael Merickel <michael@merickel.org>
Date: Sun, 4 Nov 2012 11:19:41 -0600
Subject: merged SHA512AuthTktAuthenticationPolicy into
 AuthTktAuthenticationPolicy

AuthTktAuthenticationPolicy now accepts a hashalg parameter and is no
longer deprecated. Docs recommend overriding hashalg and using 'sha512'.
---
 docs/api/authentication.rst                                 |  4 ----
 docs/narr/security.rst                                      | 10 +++++-----
 docs/tutorials/wiki/authorization.rst                       |  4 ++--
 docs/tutorials/wiki/src/authorization/tutorial/__init__.py  |  6 +++---
 docs/tutorials/wiki/src/tests/tutorial/__init__.py          |  6 +++---
 docs/tutorials/wiki2/authorization.rst                      |  4 ++--
 docs/tutorials/wiki2/src/authorization/tutorial/__init__.py |  6 +++---
 docs/tutorials/wiki2/src/tests/tutorial/__init__.py         |  6 +++---
 8 files changed, 21 insertions(+), 25 deletions(-)

(limited to 'docs')

diff --git a/docs/api/authentication.rst b/docs/api/authentication.rst
index 49ee405eb..19d08618b 100644
--- a/docs/api/authentication.rst
+++ b/docs/api/authentication.rst
@@ -8,10 +8,6 @@ Authentication Policies
 
 .. automodule:: pyramid.authentication
 
-  .. autoclass:: SHA512AuthTktAuthenticationPolicy
-     :members:
-     :inherited-members:
-
   .. autoclass:: AuthTktAuthenticationPolicy
      :members:
      :inherited-members:
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 3c9759e6c..3a94b4f7d 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -90,13 +90,13 @@ For example:
    :linenos:
 
    from pyramid.config import Configurator
-   from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
+   from pyramid.authentication import AuthTktAuthenticationPolicy
    from pyramid.authorization import ACLAuthorizationPolicy
-   authentication_policy = SHA512AuthTktAuthenticationPolicy('seekrit')
-   authorization_policy = ACLAuthorizationPolicy()
+   authn_policy = AuthTktAuthenticationPolicy('seekrit', hashalg='sha512')
+   authz_policy = ACLAuthorizationPolicy()
    config = Configurator()
-   config.set_authentication_policy(authentication_policy)
-   config.set_authorization_policy(authorization_policy)
+   config.set_authentication_policy(authn_policy)
+   config.set_authorization_policy(authz_policy)
 
 .. note:: the ``authentication_policy`` and ``authorization_policy``
    arguments may also be passed to their respective methods mentioned above
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index e2c4637d7..24249945a 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -134,12 +134,12 @@ Now add those policies to the configuration:
 
 (Only the highlighted lines need to be added.)
 
-We are enabling an ``SHA512AuthTktAuthenticationPolicy``, it is based in an
+We are enabling an ``AuthTktAuthenticationPolicy``, it is based in an
 auth ticket that may be included in the request, and an
 ``ACLAuthorizationPolicy`` that uses an ACL to determine the allow or deny
 outcome for a view.
 
-Note that the :class:`pyramid.authentication.SHA512AuthTktAuthenticationPolicy`
+Note that the :class:`pyramid.authentication.AuthTktAuthenticationPolicy`
 constructor accepts two arguments: ``secret`` and ``callback``.  ``secret`` is
 a string representing an encryption key used by the "authentication ticket"
 machinery represented by this policy: it is required.  The ``callback`` is the
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
index 4c766fea2..b42e01d03 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
@@ -1,7 +1,7 @@
 from pyramid.config import Configurator
 from pyramid_zodbconn import get_connection
 
-from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
+from pyramid.authentication import AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from .models import appmaker
@@ -14,8 +14,8 @@ def root_factory(request):
 def main(global_config, **settings):
     """ This function returns a WSGI application.
     """
-    authn_policy = SHA512AuthTktAuthenticationPolicy(secret='sosecret',
-                                                     callback=groupfinder)
+    authn_policy = AuthTktAuthenticationPolicy(
+        'sosecret', callback=groupfinder, hashalg='sha512')
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(root_factory=root_factory, settings=settings)
     config.set_authentication_policy(authn_policy)
diff --git a/docs/tutorials/wiki/src/tests/tutorial/__init__.py b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
index 4c766fea2..b42e01d03 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
@@ -1,7 +1,7 @@
 from pyramid.config import Configurator
 from pyramid_zodbconn import get_connection
 
-from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
+from pyramid.authentication import AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from .models import appmaker
@@ -14,8 +14,8 @@ def root_factory(request):
 def main(global_config, **settings):
     """ This function returns a WSGI application.
     """
-    authn_policy = SHA512AuthTktAuthenticationPolicy(secret='sosecret',
-                                                     callback=groupfinder)
+    authn_policy = AuthTktAuthenticationPolicy(
+        'sosecret', callback=groupfinder, hashalg='sha512')
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(root_factory=root_factory, settings=settings)
     config.set_authentication_policy(authn_policy)
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index e3087dea5..1ddf8c82d 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -151,12 +151,12 @@ Now add those policies to the configuration:
 
 (Only the highlighted lines need to be added.)
 
-We are enabling an ``SHA512AuthTktAuthenticationPolicy``, it is based in an
+We are enabling an ``AuthTktAuthenticationPolicy``, it is based in an
 auth ticket that may be included in the request, and an
 ``ACLAuthorizationPolicy`` that uses an ACL to determine the allow or deny
 outcome for a view.
 
-Note that the :class:`pyramid.authentication.SHA512AuthTktAuthenticationPolicy`
+Note that the :class:`pyramid.authentication.AuthTktAuthenticationPolicy`
 constructor accepts two arguments: ``secret`` and ``callback``.  ``secret`` is
 a string representing an encryption key used by the "authentication ticket"
 machinery represented by this policy: it is required.  The ``callback`` is the
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
index 585cdf884..76071173a 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
@@ -1,5 +1,5 @@
 from pyramid.config import Configurator
-from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
+from pyramid.authentication import AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from sqlalchemy import engine_from_config
@@ -17,8 +17,8 @@ def main(global_config, **settings):
     engine = engine_from_config(settings, 'sqlalchemy.')
     DBSession.configure(bind=engine)
     Base.metadata.bind = engine
-    authn_policy = SHA512AuthTktAuthenticationPolicy(
-        'sosecret', callback=groupfinder)
+    authn_policy = AuthTktAuthenticationPolicy(
+        'sosecret', callback=groupfinder, hashalg='sha512')
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
                           root_factory='tutorial.models.RootFactory')
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
index 585cdf884..76071173a 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
@@ -1,5 +1,5 @@
 from pyramid.config import Configurator
-from pyramid.authentication import SHA512AuthTktAuthenticationPolicy
+from pyramid.authentication import AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 
 from sqlalchemy import engine_from_config
@@ -17,8 +17,8 @@ def main(global_config, **settings):
     engine = engine_from_config(settings, 'sqlalchemy.')
     DBSession.configure(bind=engine)
     Base.metadata.bind = engine
-    authn_policy = SHA512AuthTktAuthenticationPolicy(
-        'sosecret', callback=groupfinder)
+    authn_policy = AuthTktAuthenticationPolicy(
+        'sosecret', callback=groupfinder, hashalg='sha512')
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
                           root_factory='tutorial.models.RootFactory')
-- 
cgit v1.2.3