pyramid_cubicweb/defaults.py
author Christophe de Vienne <christophe@unlish.com>
Thu, 18 Sep 2014 16:51:55 +0200
changeset 11509 ca3412269cd1
parent 11507 4d7286f079e1
child 11519 92423d03ef25
permissions -rw-r--r--
Handle '__setauthcookie'

'__setauthcookie' is a form parameter added by the 'rememberme' cube. If present and equal to '1', the cookie max_age will be set to 7 days instead of being a session cookie. To make sure the auth cookie is renewed, the reissue_time is set to 1h.
Changesets annotated in this file (all by Christophe de Vienne <christophe@unlish.com>):
11492 b0b8942cdb80 Separate into 4 modules
11493 00e5cb9771c5 Put the login view in a separate module. (parents: 11492)
11506 bfc1aa1dba30 DB-saved session data (parents: 11493)
11507 4d7286f079e1 Use AuthTktAuthenticationPolicy (parents: 11506)
11509 ca3412269cd1 Handle '__setauthcookie' (parents: 11507)

import warnings

from pyramid.authentication import AuthTktAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy

from pyramid_cubicweb.core import get_principals


def includeme(config):
    config.include('pyramid_cubicweb.session')

    # Secret used to sign the authentication cookie.
    secret = config.registry['cubicweb.config']['pyramid-auth-secret']

    if not secret:
        # No secret configured: fall back to a static key and warn loudly.
        secret = 'notsosecret'
        warnings.warn('''

            !! WARNING !! !! WARNING !!

            The authentication cookies are signed with a static secret key.
            To put your own secret key, edit your all-in-one.conf file
            and set the 'pyramid-auth-secret' key.

            YOU SHOULD STOP THIS INSTANCE unless you really know what you
            are doing !!

        ''')

    # reissue_time=3600 renews the auth cookie after 1h (changeset ca3412269cd1).
    config.set_authentication_policy(
        AuthTktAuthenticationPolicy(
            secret, callback=get_principals, hashalg='sha512',
            reissue_time=3600))
    config.set_authorization_policy(ACLAuthorizationPolicy())

    config.include('pyramid_cubicweb.login')
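
A fail-closed alternative to the 'notsosecret' fallback above, combined with the cookie lifetime and renewal rules from the commit message; this is an added example, not part of pyramid_cubicweb. It uses only the standard library: the dict standing in for the CubicWeb config, the 32-character minimum, the toy ticket format and the server-side expiry check are assumptions (the policy call above passes no timeout).

```python
import hashlib
import hmac

PLACEHOLDER_SECRETS = {'notsosecret'}   # the fallback value used in includeme()
MIN_SECRET_LEN = 32                     # assumption: local minimum-length policy
REMEMBER_MAX_AGE = 7 * 24 * 3600        # 7 days, per the commit message
REISSUE_TIME = 3600                     # 1h, as passed to the policy above


def load_auth_secret(cw_config):
    """Return the signing secret, or raise instead of falling back."""
    secret = cw_config.get('pyramid-auth-secret')
    if not secret:
        raise ValueError("'pyramid-auth-secret' is not set")
    if secret in PLACEHOLDER_SECRETS or len(secret) < MIN_SECRET_LEN:
        raise ValueError("'pyramid-auth-secret' is a placeholder or too short")
    return secret


def cookie_max_age(form):
    """None means session cookie; '__setauthcookie' == '1' means 7 days."""
    return REMEMBER_MAX_AGE if form.get('__setauthcookie') == '1' else None


def sign_ticket(secret, userid, issued_at):
    """Toy ticket 'userid|timestamp|hexdigest' (not pyramid's wire format)."""
    payload = '%s|%d' % (userid, issued_at)
    mac = hmac.new(secret.encode(), payload.encode(), hashlib.sha512)
    return payload + '|' + mac.hexdigest()


def check_ticket(secret, ticket, now, max_age):
    """Return (userid, needs_reissue), or None if invalid or expired."""
    try:
        userid, ts, digest = ticket.rsplit('|', 2)
        issued_at = int(ts)
    except ValueError:
        return None
    expected = sign_ticket(secret, userid, issued_at).rsplit('|', 1)[1]
    if not hmac.compare_digest(expected.encode(), digest.encode()):
        return None
    age = now - issued_at
    if max_age is not None and age > max_age:
        return None
    # Past REISSUE_TIME the caller should send a freshly signed cookie.
    return userid, age > REISSUE_TIME
```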