pyramid_multiauth
Project description
An authentication policy for Pyramid that proxies to a stack of other authentication policies.
Overview
MultiAuthenticationPolicy is a Pyramid authentication policy that proxies to a stack of other IAuthenticationPolicy objects, to provide a combined auth solution from individual pieces. Simply pass it a list of policies that should be tried in order:
policies = [ IPAuthenticationPolicy("127.0.*.*", principals=["local"]) IPAuthenticationPolicy("192.168.*.*", principals=["trusted"]) ] authn_policy = MultiAuthenticationPolicy(policies) config.set_authentication_policy(authn_policy)
This example uses the pyramid_ipauth module to assign effective principals based on originating IP address of the request. It combines two such policies so that requests originating from “127.0.*.*” will have principal “local” while requests originating from “192.168.*.*” will have principal “trusted”.
In general, the results from the stacked authentication policies are combined as follows:
authenticated_userid: return userid from first successful policy
unauthenticated_userid: return userid from first successful policy
effective_principals: return union of principals from all policies
remember: return headers from all policies
forget: return headers from all policies
Deployment Settings
It is also possible to specify the authentication policies as part of your paste deployment settings. Consider the following example:
[app:pyramidapp] use = egg:mypyramidapp multiauth.policies = ipauth1 ipauth2 pyramid_browserid multiauth.policy.ipauth1.use = pyramid_ipauth.IPAuthentictionPolicy multiauth.policy.ipauth1.ipaddrs = 127.0.*.* multiauth.policy.ipauth1.principals = local multiauth.policy.ipauth2.use = pyramid_ipauth.IPAuthentictionPolicy multiauth.policy.ipauth2.ipaddrs = 192.168.*.* multiauth.policy.ipauth2.principals = trusted
To configure authentication from these settings, simply include the multiauth module into your configurator:
config.include("pyramid_multiauth")
In this example you would get a MultiAuthenticationPolicy with three stacked auth policies. The first two, ipauth1 and ipauth2, are defined as the name of of a callable along with a set of keyword arguments. The third is defined as the name of a module, pyramid_browserid, which will be procecesed via the standard config.include() mechanism.
The end result would be a system that authenticates users via BrowserID, and assigns additional principal identifiers based on the originating IP address of the request.
0.3.1 - 2013-05-15
MultiAuthPolicySelected events now include the request object, so you can e.g. access the registry from the handler function.
Fixed some edge-cases in merging effective_principals with the output of the groupfinder callback.
0.3.0 - 2012-11-27
Support for Python3 via source-level compatibility.
Fire a MultiAuthPolicySelected event when a policy is successfully used for authentication.
0.2.0 - 2012-10-04
Add get_policy() method, which can be used to look up the loaded sub-policies at runtime.
0.1.2 - 2012-01-30
Update license to MPL 2.0.
0.1.1 - 2011-12-20
Compatability with Pyramid 1.3.
0.1.0 - 2011-11-11
Initial release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file pyramid_multiauth-0.3.1.tar.gz
.
File metadata
- Download URL: pyramid_multiauth-0.3.1.tar.gz
- Upload date:
- Size: 9.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 373af748009368b681013b330a052836d0abda29e0dff54ba30ebed30a3d3301 |
|
MD5 | 0f6a4aaf1fed0430ab3214af2532211d |
|
BLAKE2b-256 | d3bb6c6881b0ebcfca3a120e914dd21e52a2985303f5330561a9234ac3c13558 |