Skip to main content

Definition of authentication basics for the Zope Framework

Project description

This package provides a definition of authentication concepts for use in
Zope Framework.


Detailed Documentation
======================


==============
Logout Support
==============

Logout support is defined by a simple interface ILogout:

>>> from zope.authentication.interfaces import ILogout

that has a single 'logout' method.

The current use of ILogout is to adapt an IAuthentication component to ILogout
To illustrate, we'll create a simple logout implementation that adapts
IAuthentication:

>>> @adapter(IAuthentication)
... @implementer(ILogout)
... class SimpleLogout(object):
...
... def __init__(self, auth):
... pass
...
... def logout(self, request):
... print('User has logged out')

>>> provideAdapter(SimpleLogout)

and something to represent an authentication utility:

>>> @implementer(IAuthentication)
... class Authentication(object):
... pass

>>> auth = Authentication()

To perform a logout, we adapt auth to ILogout and call 'logout':

>>> logout = ILogout(auth)
>>> logout.logout(TestRequest())
User has logged out


The 'NoLogout' Adapter
----------------------

The class:

>>> from zope.authentication.logout import NoLogout

can be registered as a fallback provider of ILogout for IAuthentication
components that are not otherwise adaptable to ILogout. NoLogout's logout
method is a no-op:

>>> NoLogout(auth).logout(TestRequest())


Logout User Interface
---------------------

Because some authentication protocols do not formally support logout, it may
not be possible for a user to logout once he or she has logged in. In such
cases, it would be inappropriate to present a user interface for logging out.

Because logout support is site-configurable, Zope provides an adapter that,
when registered, indicates that the site is configured for logout:

>>> from zope.authentication.logout import LogoutSupported

This class merely serves as a flag as it implements ILogoutSupported:

>>> from zope.authentication.interfaces import ILogoutSupported
>>> ILogoutSupported.implementedBy(LogoutSupported)
True

>>> request = object()
>>> ILogoutSupported.providedBy(LogoutSupported(request))
True


===============
Principal Terms
===============

Principal Terms are used to support browser interfaces for searching principal
sources. They provide access to tokens and titles for values. The principal
terms view uses an authentication utility to get principal titles. Let's
create an authentication utility to demonstrate how this works:

>>> class Principal:
... def __init__(self, id, title):
... self.id, self.title = id, title

>>> from zope.interface import implementer
>>> from zope.authentication.interfaces import IAuthentication
>>> from zope.authentication.interfaces import PrincipalLookupError
>>> @implementer(IAuthentication)
... class AuthUtility:
... data = {'jim': u'Jim Fulton', 'stephan': u'Stephan Richter'}
...
... def getPrincipal(self, id):
... title = self.data.get(id)
... if title is not None:
... return Principal(id, title)
... raise PrincipalLookupError

Now we need to install the authentication utility:

>>> from zope.component import provideUtility
>>> provideUtility(AuthUtility(), IAuthentication)

We need a principal source so that we can create a view from it.

>>> from zope.component import getUtility
>>> class PrincipalSource:
... def __contains__(self, id):
... auth = getUtility(IAuthentication)
... try:
... auth.getPrincipal(id)
... except PrincipalLookupError:
... return False
... else:
... return True

Now we can create an terms view:

>>> from zope.authentication.principal import PrincipalTerms
>>> terms = PrincipalTerms(PrincipalSource(), None)

Now we can ask the terms view for terms:

>>> term = terms.getTerm('stephan')
>>> term.title
'Stephan Richter'
>>> term.token
'c3RlcGhhbg__'

If we ask for a term that does not exist, we get a lookup error:

>>> terms.getTerm('bob')
Traceback (most recent call last):
...
LookupError: bob

If we have a token, we can get the principal id for it.

>>> terms.getValue('c3RlcGhhbg__')
'stephan'


Changes
=======

4.2.0 (2014-12-26)
------------------

- Add support for PyPy. PyPy3 support is blocked on a release of a fix for:
https://bitbucket.org/pypy/pypy/issue/1946

- Add support for Python 3.4.

- Add support for testing on Travis.


4.1.0 (2013-02-21)
------------------

- Add support for Python 3.3.

- Add ``tox.ini`` and ``MANIFEST.in``.


4.0.0 (2012-07-04)
------------------

- Break inappropriate testing dependency on ``zope.component.nextutility``.

(Forward-compatibility with ``zope.component`` 4.0.0).

- Replace deprecated ``zope.component.adapts`` usage with equivalent
``zope.component.adapter`` decorator.

- Replace deprecated ``zope.interface.implements`` usage with equivalent
``zope.interface.implementer`` decorator.

- Drop support for Python 2.4 and 2.5.


3.7.1 (2010-04-30)
------------------

- Remove undeclared testing dependency on ``zope.testing``.

3.7.0 (2009-03-14)
------------------

Initial release. This package was split off from ``zope.app.security`` to
provide a separate common interface definition for authentication utilities
without extra dependencies.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

zope.authentication-4.2.0.tar.gz (13.8 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page