Skip to main content

Pyramid security extension to register multiple contexts based authentication policies.

Project description

https://travis-ci.org/hadrien/pyramid_contextauth.png https://coveralls.io/repos/hadrien/pyramid_mongokit/badge.png https://pypip.in/d/pyramid_contextauth/badge.png

A simple pyramid extension to register contexts based authentication policy. Introspectables for policies registered are added to configuration and will appear in debugtoolbar with their associated contexts.

from pyramid.security import remember, forget
from pyramid.authentication import AuthTktAuthenticationPolicy

def includeme(config):
    config.include('pyramid_contextauth')
    config.register_authentication_policy(
        AuthTktAuthenticationPolicy('secret'),
        Context1,
    )
    config.register_authentication_policy(
        ContextAuthenticationPolicy(),
        (Context2, Context3),
    )


class Context1(object):
    pass


class Context2(object):
    pass


class Context3(object):
    pass


class ContextAuthenticationPolicy(object):

    def authenticated_userid(self, request):
        return unauthenticated_userid(request)

    def unauthenticated_userid(self, request):
        "A dummy example"
        return request.POST.get('userid')

    def effective_principals(self, request):
        if self.unauthenticated_userid(request):
            return ['User']
        return []

    def remember(self, request, prinicpal, **kw):
        return remember(request, prinicpal, **kw)

    def forget(self, request):
        return forget(request)

Changelog

0.7

  • Policy checks on each resource lineage and get the first policy it gets.

  • Add coverall in after_success of travis config.

0.6

  • Removing decorator authentication_policy: extension should not instantiate authentication policy class internally.

0.5

  • Registering same context to multiple policies raises a configuration error.

  • Unregister old policy when overriding a context with another policy.

  • Change register_authentication_policy and authentication_policy signatures.

0.4

  • Add introspectables to config for registered authentication policies.

  • Rename register_context to register_policy

0.3

  • Break backward compatibility as ContextBasedAuthenticationPolicy.register_context now requires config instance as first argument.

  • Add config.register_authentication_policy configuration directive which accepts a list of contexts.

  • Use registry adpaters to register policies rather than a dict.

  • Add a decorator authentication_policy to register policies when doing a config scan.

0.2.1

  • Adjust requirements files and dependencies.

0.2

  • Update dependencies by adding requirements files.

0.1.1

  • Changed register_context interface which breaks compatibility with 0.0.3

0.0.3

  • Commit configuration before returning from includeme.

0.0.2

  • When not provided, authenticated_userid and effective_principals from super class CallbackAuthenticationPolicy are used.

0.0.1

  • Initial version

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_contextauth-0.7.tar.gz (4.6 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page