pypicloud.auth module¶
Utilities for authentication and authorization
-
class
pypicloud.auth.
BasicAuthenticationPolicy
[source]¶ Bases:
object
A :app:`Pyramid` authentication policy which obtains data from basic authentication headers.
Constructor Arguments
check
A callback passed the credentials and the request, expected to return None if the userid doesn’t exist or a sequence of group identifiers (possibly empty) if the user does exist. Required.
-
class
pypicloud.auth.
SessionAuthPolicy
[source]¶ Bases:
object
Simple auth policy using beaker sessions
-
authenticated_userid
(request)[source]¶ Return the authenticated userid or
None
if no authenticated userid can be found. This method of the policy should ensure that a record exists in whatever persistent store is used related to the user (the user should not have been deleted); if a record associated with the current id does not exist in a persistent store, it should returnNone
.
-
effective_principals
(request)[source]¶ Return a sequence representing the effective principals including the userid and any groups belonged to by the current user, including ‘system’ groups such as
pyramid.security.Everyone
andpyramid.security.Authenticated
.
-
forget
(request)[source]¶ Return a set of headers suitable for ‘forgetting’ the current user on subsequent requests.
-
remember
(request, principal, **_)[source]¶ This implementation is slightly different than expected. The application should call remember(userid) rather than remember(principal)
-
unauthenticated_userid
(request)[source]¶ Return the unauthenticated userid. This method performs the same duty as
authenticated_userid
but is permitted to return the userid based only on data present in the request; it needn’t (and shouldn’t) check any persistent store to ensure that the user record related to the request userid exists.
-