pypicloud.auth module¶
Utilities for authentication and authorization
-
class
pypicloud.auth.BasicAuthenticationPolicy[source]¶ Bases:
objectA :app:`Pyramid` authentication policy which obtains data from basic authentication headers.
Constructor Arguments
checkA callback passed the credentials and the request, expected to return None if the userid doesn’t exist or a sequence of group identifiers (possibly empty) if the user does exist. Required.
-
class
pypicloud.auth.SessionAuthPolicy[source]¶ Bases:
objectSimple auth policy using beaker sessions
-
authenticated_userid(request)[source]¶ Return the authenticated userid or
Noneif no authenticated userid can be found. This method of the policy should ensure that a record exists in whatever persistent store is used related to the user (the user should not have been deleted); if a record associated with the current id does not exist in a persistent store, it should returnNone.
-
effective_principals(request)[source]¶ Return a sequence representing the effective principals including the userid and any groups belonged to by the current user, including ‘system’ groups such as
pyramid.security.Everyoneandpyramid.security.Authenticated.
-
forget(request)[source]¶ Return a set of headers suitable for ‘forgetting’ the current user on subsequent requests.
-
remember(request, principal, **_)[source]¶ This implementation is slightly different than expected. The application should call remember(userid) rather than remember(principal)
-
unauthenticated_userid(request)[source]¶ Return the unauthenticated userid. This method performs the same duty as
authenticated_useridbut is permitted to return the userid based only on data present in the request; it needn’t (and shouldn’t) check any persistent store to ensure that the user record related to the request userid exists.
-