Skip to main content

Debug Authentication Policy for Pyramid

Project description

Debug Authentication Policy for Pyramid. Provide a simple and standard way to define the pyramid principals from the HTTP client.

Warning: This pyramid is totally unsafe for production and should be restricted to debug usage / development phase.

Installation

Install using setuptools, e.g. (within a virtualenv):

$ pip install pyramid_debugauth

Setup

Once pyramid_debugauth is installed, you can define a authentication policy with config.set_authentication_policy.

In your Pyramid project:

from pyramid.authorization import ACLAuthorizationPolicy
from pyramid_debugauth import DebugAuthenticationPolicy

config = Configurator(.....)
config.set_authentication_policy(DebugAuthenticationPolicy())
config.set_authorization_policy(ACLAuthorizationPolicy())

Usage

The DebugAuthenticationPolicy allows a client to impersonate any user and specify any number of principals desired using the standard Authorization http header and a non-standard auth-scheme Debug (RFC 7235):

Authorization: Debug user_id [principal_1] [principal_2] ...

With common http clients:

$ curl http://localhost:6543 -H 'Authorization: Debug bob admin'

$ http http://localhost:6543 'Authorization: Debug bob admin'

Or using a non-standard authorization query parameter:

http://localhost:6543/protected?authorization=debug%20user_id%20principal_1

With common http clients:

$ curl http://localhost:6543?authorization=debug%20bob%20admin

$ http http://localhost:6543?authorization=debug\ bob\ admin

Development

Running tests:

$ virtualenv venv
$ . venv/bin/activate
(venv)$ pip install -e .[dev]
(venv)$ nosetests

Changelog

0.2.0 (2018-02-09)

  • Switch to Github

  • Switch to setuptools (from d2to1)

  • Fix crash in tests with recent versions of Pyramid

0.1.2 (2014-12-03)

  • Permit setting a custom callback.

0.1.1 (2014-09-09)

  • Add ability to authenticate via Query String

0.0.2 (2014-09-08)

  • Minimal feature set

  • First release on PyPI

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_debugauth-0.2.0.tar.gz (4.5 kB view hashes)

Uploaded source

Built Distribution

pyramid_debugauth-0.2.0-py2-none-any.whl (6.8 kB view hashes)

Uploaded py2

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page