author | Christophe de Vienne <christophe@unlish.com> |
Thu, 18 Sep 2014 11:43:45 +0200 | |
changeset 11507 | 4d7286f079e1 |
parent 11506 | bfc1aa1dba30 |
child 11509 | ca3412269cd1 |
permissions | -rw-r--r-- |
11507
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
1 |
import warnings |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
2 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
3 |
from pyramid.authentication import AuthTktAuthenticationPolicy |
11492
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
4 |
from pyramid.authorization import ACLAuthorizationPolicy |
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
5 |
|
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
6 |
from pyramid_cubicweb.core import get_principals |
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
7 |
|
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
8 |
|
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
9 |
def includeme(config): |
11506
bfc1aa1dba30
DB-saved session data
Christophe de Vienne <christophe@unlish.com>
parents:
11493
diff
changeset
|
10 |
config.include('pyramid_cubicweb.session') |
11492
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
11 |
|
11507
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
12 |
secret = config.registry['cubicweb.config']['pyramid-auth-secret'] |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
13 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
14 |
if not secret: |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
15 |
secret = 'notsosecret' |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
16 |
warnings.warn(''' |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
17 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
18 |
!! WARNING !! !! WARNING !! |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
19 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
20 |
The authentication cookies are signed with a static secret key. |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
21 |
To put your own secret key, edit your all-in-one.conf file |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
22 |
and set the 'pyramid-session-secret' key. |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
23 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
24 |
YOU SHOULD STOP THIS INSTANCE unless your really know what you |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
25 |
are doing !! |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
26 |
|
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
27 |
''') |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
28 |
|
11492
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
29 |
config.set_authentication_policy( |
11507
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
30 |
AuthTktAuthenticationPolicy( |
4d7286f079e1
Use AuthTktAuthenticationPolicy
Christophe de Vienne <christophe@unlish.com>
parents:
11506
diff
changeset
|
31 |
secret, callback=get_principals, hashalg='sha512')) |
11492
b0b8942cdb80
Separate into 4 modules
Christophe de Vienne <christophe@unlish.com>
parents:
diff
changeset
|
32 |
config.set_authorization_policy(ACLAuthorizationPolicy()) |
11493
00e5cb9771c5
Put the login view in a separate module.
Christophe de Vienne <christophe@unlish.com>
parents:
11492
diff
changeset
|
33 |
|
00e5cb9771c5
Put the login view in a separate module.
Christophe de Vienne <christophe@unlish.com>
parents:
11492
diff
changeset
|
34 |
config.include('pyramid_cubicweb.login') |