Skip to main content

Debug Authentication Policy for Pyramid

Project description


Debug Authentication Policy for Pyramid. Provide a simple and standard way to
define the pyramid principals from the HTTP client.

.. warning::

(Obviously) This pyramid is totally unsafe for production and should be
restricted to debug usage / development phase.

* PyPI:
* Bitbucket:
* Bugs:


Install using setuptools, e.g. (within a virtualenv)::

$ pip install pyramid_debugauth


Once ``pyramid_debugauth`` is installed, you can define a authentication policy
with ``config.set_authentication_policy``.

In your Pyramid project:

.. code-block:: python

from pyramid.authorization import ACLAuthorizationPolicy
from pyramid_debugauth import DebugAuthenticationPolicy

config = Configurator(.....)


The DebugAuthenticationPolicy allows a client to impersonate any user and
specify any number of principals desired using the standard *Authorization*
http header and a non-standard auth-scheme *Debug* (:rfc:`7235`):

``Authorization: Debug user_id [principal_1] [principal_2] ...``

With common http clients:

$ curl http://localhost:6543 -H 'Authorization: Debug bob admin'

$ http http://localhost:6543 'Authorization: Debug bob admin'

Or using a non-standard *authorization* query parameter:


With common http clients:

$ curl http://localhost:6543?authorization%20debug%20bob%20admin

$ http http://localhost:6543?authorization\ debug\ bob\ admin


Running tests::

$ virtualenv venv
$ . venv/bin/activate
(venv)$ pip install -r requirements-test.txt
(venv)$ nosetests

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_debugauth-0.1.0.tar.gz (3.8 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page