Skip to main content

pyramid_persona

Project description

pyramid_persona let you quickly set up authentication using persona on your pyramid project. It aims at giving as much as possible with as little configuration as possible, while still letting you customize if you want.

Very basic usage

First of all, include pyramid_persona. Add this in your project configuration

config.include("pyramid_persona")

Then, we need two little lines in your config files : a secret used to sign cookies, and the audience, the hostname and port of your website (this is needed for security reasons):

persona.secret = This is some secret string
persona.audience = http://localhost:6543

There, we’re done. We now have a nice forbidden view with a persona login button.

Less basic usage

pyramid_persona also provides you a way to easily put a login or logout button on your pages. To do so, you need to include jquery, the persona library, and some application-specific in your heads. The application specific javascript can be accessed as request.persona_js.

Then, you can add the button in your page. request.persona_button provides a login if the user is not logged in, and a logout button if they are.

A basic page might be (using mako)

<html>
<head>
    <script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script>
    <script src="https://browserid.org/include.js" type="text/javascript"></script>
    <script type="text/javascript">${request.persona_js}</script>
</head>
<body>
Hello ${user}
${request.persona_button}
</body>
</html>

Customized buttons

You can also use your own buttons. For that, you have to include the javascript like in the previous section and give your login and logout button the signin and signout classes. For example

<button id='signin'>login</button>
<button id='signout'>logout</button>

What it does

Here is, in details, what including pyramid_persona does :

  • it defines an authentication policy, an authorization policy, and a session factory (this is needed for csrf protection, and is why we need a secret). Defaults are SessionAuthenticationPolicy, ACLAuthorizationPolicy and UnencryptedCookieSessionFactoryConfig. You can override it if you prefer.

  • it adds a persona_js request attribute containing the javascript code needed to make persona work.

  • it adds a persona_button request attribute containing html code for quickly putting a login button.

  • it defines the /login and /logout views to handle the persona workflow.

  • it defines a basic forbidden view with a login button.

Configuration

You can override any policy or view defined by pyramid_persona by defining them the usual way.

pyramid_persona defines the following settings :

persona.secret

A secret string used to sign cookies. Required only if you do not defined another session factory.

persona.audience

The protocol, domain name, and port of your site, as defined in the persona documentation. Required.

persona.login_route

The login route name. Optional, default is ‘login’.

persona.login_path

The login route path. Optional, default is ‘/login’.

persona.logout_route

The logout route name. Optional, default is ‘logout’.

persona.logout_path

The logout route path. Optional, default is ‘/logout’.

Contact

This project is made by Georges Dubus (@georgesdubus). Bug reports and pull requests are welcome.

1.0

  • Initial version

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_persona-1.0.tar.gz (5.6 kB view details)

Uploaded Source

File details

Details for the file pyramid_persona-1.0.tar.gz.

File metadata

  • Download URL: pyramid_persona-1.0.tar.gz
  • Upload date:
  • Size: 5.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for pyramid_persona-1.0.tar.gz
Algorithm Hash digest
SHA256 c12ac09f80bc1eb0632e5e08a017c1bed3838c02805873c50cfa7d145929b766
MD5 8c722526c715edda530bee89c7ad2fc5
BLAKE2b-256 f4442fb0110f9c36842c56b64b55b9293d887b2d5107af390e8bc269f8f91921

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page