This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Project Description

An authentication policy for Pyramid that proxies to a stack of other authentication policies.

Overview

MultiAuthenticationPolicy is a Pyramid authentication policy that proxies to a stack of other IAuthenticationPolicy objects, to provide a combined auth solution from individual pieces. Simply pass it a list of policies that should be tried in order:

policies = [
    IPAuthenticationPolicy("127.0.*.*", principals=["local"])
    IPAuthenticationPolicy("192.168.*.*", principals=["trusted"])
]
authn_policy = MultiAuthenticationPolicy(policies)
config.set_authentication_policy(authn_policy)

This example uses the pyramid_ipauth module to assign effective principals based on originating IP address of the request. It combines two such policies so that requests originating from “127.0.*.*” will have principal “local” while requests originating from “192.168.*.*” will have principal “trusted”.

In general, the results from the stacked authentication policies are combined as follows:

  • authenticated_userid: return userid from first successful policy
  • unauthenticated_userid: return userid from first successful policy
  • effective_principals: return union of principals from all policies
  • remember: return headers from all policies
  • forget: return headers from all policies

Deployment Settings

It is also possible to specify the authentication policies as part of your paste deployment settings. Consider the following example:

[app:pyramidapp]
use = egg:mypyramidapp

multiauth.policies = ipauth1 ipauth2 pyramid_browserid

multiauth.policy.ipauth1.use = pyramid_ipauth.IPAuthentictionPolicy
multiauth.policy.ipauth1.ipaddrs = 127.0.*.*
multiauth.policy.ipauth1.principals = local

multiauth.policy.ipauth2.use = pyramid_ipauth.IPAuthentictionPolicy
multiauth.policy.ipauth2.ipaddrs = 192.168.*.*
multiauth.policy.ipauth2.principals = trusted

To configure authentication from these settings, simply include the multiauth module into your configurator:

config.include("pyramid_multiauth")

In this example you would get a MultiAuthenticationPolicy with three stacked auth policies. The first two, ipauth1 and ipauth2, are defined as the name of of a callable along with a set of keyword arguments. The third is defined as the name of a module, pyramid_browserid, which will be procecesed via the standard config.include() mechanism.

The end result would be a system that authenticates users via BrowserID, and assigns additional principal identifiers based on the originating IP address of the request.

If necessary, the group finder function and the authorization policy can also be specified from configuration:

[app:pyramidapp]
use = egg:mypyramidapp

multiauth.authorization_policy = mypyramidapp.acl.Custom
multiauth.groupfinder  = mypyramidapp.acl.groupfinder

...

MultiAuthPolicySelected Event

An event is triggered when one of the multiple policies configured is selected.

from pyramid_multiauth import MultiAuthPolicySelected


# Track policy used, for prefixing user_id and for logging.
def on_policy_selected(event):
    print("%s (%s) authenticated %s for request %s" % (event.policy_name,
                                                       event.policy,
                                                       event.userid,
                                                       event.request))

config.add_subscriber(on_policy_selected, MultiAuthPolicySelected)

0.9.0 (2016-11-07)

  • Drop support for python 2.6

0.8.0 (2016-02-11)

  • Provide userid attribute in MultiAuthPolicySelected event.
  • Always notify event when user is identified with authenticated_userid() (i.e. through effective_principals() with group finder callback).

0.7.0 (2016-02-09)

  • Add get_policies() method to retrieve the list of contained authentication policies and their respective names.

0.6.0 (2016-01-27)

  • Provide the policy name used in settings in the MultiAuthPolicySelected event.

0.5.0 - 2015-05-19

  • Read authorization policy from settings if present.

0.4.0 - 2014-01-02

  • Make authenticated_userid None when groupfinder returns None.

0.3.2 - 2013-05-29

  • Fix some merge bustage; this should contain all the things that were claimed to be contained in the 0.3.1 release, but in fact were not.

0.3.1 - 2013-05-15

  • MultiAuthPolicySelected events now include the request object, so you can e.g. access the registry from the handler function.
  • Fixed some edge-cases in merging effective_principals with the output of the groupfinder callback.

0.3.0 - 2012-11-27

  • Support for Python3 via source-level compatibility.
  • Fire a MultiAuthPolicySelected event when a policy is successfully used for authentication.

0.2.0 - 2012-10-04

  • Add get_policy() method, which can be used to look up the loaded sub-policies at runtime.

0.1.2 - 2012-01-30

  • Update license to MPL 2.0.

0.1.1 - 2011-12-20

  • Compatability with Pyramid 1.3.

0.1.0 - 2011-11-11

  • Initial release.
Release History

Release History

0.9.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.8.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.7.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.6.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.2.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
pyramid_multiauth-0.9.0-py2.py3-none-any.whl (13.3 kB) Copy SHA256 Checksum SHA256 2.7 Wheel Nov 7, 2016
pyramid_multiauth-0.9.0.tar.gz (17.1 kB) Copy SHA256 Checksum SHA256 Source Nov 7, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting