pyramid_who
¶
pyramid_who
is an extension for the pyramid
web framework,
providing an authentication policy based on the “new” repoze.who
API,
as found in version 2.0 and greater.
Usage¶
Configure the WhoV2AuthenticationPolicy
into your pyramid
application via imperative Python code:
import os
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
from pyramid_who.whov2 import WhoV2AuthenticationPolicy
from my_package.users import verify_user
config_file = '/path/to/who.ini'
identifier_id = 'auth_tkt'
authentication_policy = WhoV2AuthenticationPolicy(config_file,
identifier_id,
callback=verify_user)
authorization_policy = ACLAuthorizationPolicy()
config = Configurator(authentication_policy=authentication_policy,
authorization_policy=authorization_policy)
or via ZCML:
1 2 3 4 5 6 7 8 9 10 | <include
package="pyramid_who"
file="meta.zcml"
/>
<whov2authenticatonpolicy
config_file="/path/to/who.ini"
identifier_id="auth_tkt"
callback="my_package.users.verify_user"
/>
|
Configuration Options¶
config_file
- Required. The path to a
repoze.who
configuration file. May include~
or${envvar}
constructs, which will be expanded usingos.path.expanduser()
andos.path.expandvars()
, respectively. Relative paths will be made absolute usingos.path.abspath()
. If the path does not exist, or points to a non-file, the factory function raises an error. identifier_id
- Required. The ID within that file of the
repoze.who
authentication plugin used to “remember” and “forget” authenticated users. E.g., if the config file configures the stockauth_tkt
plugin IDauth_tkt_plugin
, this value should be the string,"auth_tkt_plugin"
. callback
- Optional. A function taking
identity
(arepoze.who
identity mapping) andrequest
, and returning a sequence of group IDs for the user, if she exists. If not, the callback must return None. If no callback is passed, the policy assumes that the user exists, but has no additional groups.
Interaction with repoze.who
Middleware¶
If your application is deployed with the middleware from repoze.who
active, the plugin will use the identity and API objects which the middleware
injects into the WSGI environment. Otherwise, it will use the supplied
configuration file to create a repoze.who
API instance when needed.
Reporting Bugs / Development Versions¶
Visit https://github.com/Pylons/pyramid_who/issues to report bugs. Visit https://github.com/Pylons/pyramid_who to download development or tagged versions.