84 (True) Enable/disable defaults. See :ref:`defaults_module`. |
84 (True) Enable/disable defaults. See :ref:`defaults_module`. |
85 |
85 |
86 .. confval:: cubicweb.profile (bool) |
86 .. confval:: cubicweb.profile (bool) |
87 |
87 |
88 (False) Enable/disable profiling. See :ref:`profiling`. |
88 (False) Enable/disable profiling. See :ref:`profiling`. |
|
89 |
|
90 .. confval:: cubicweb.auth.update_login_time (bool) |
|
91 |
|
92 (True) Add a :class:`pyramid_cubicweb.auth.UpdateLoginTimeAuthenticationPolicy` |
|
93 policy, that update the CWUser.login_time attribute when a user login. |
|
94 |
|
95 .. confval:: cubicweb.auth.authtkt (bool) |
|
96 |
|
97 (True) Enables the 2 cookie-base auth policies, which activate/deactivate |
|
98 depending on the `persistent` argument passed to `remember`. |
|
99 |
|
100 The default login views set persistent to True if a `__setauthcookie` |
|
101 parameters is passed to them, and evals to True in |
|
102 :func:`pyramid.settings.asbool`. |
|
103 |
|
104 The configuration values of the policies are arguments for |
|
105 :class:`pyramid.authentication.AuthTktAuthenticationPolicy`. |
|
106 |
|
107 The first policy handles session authentication. It doesn't get |
|
108 activated if `remember()` is called with `persistent=False`: |
|
109 |
|
110 .. confval:: cubicweb.auth.authtkt.session.cookie_name (str) |
|
111 |
|
112 ('auth_tkt') The cookie name. Must be different from the persistent |
|
113 authentication cookie name. |
|
114 |
|
115 .. confval:: cubicweb.auth.authtkt.session.timeout (int) |
|
116 |
|
117 (1200) Cookie timeout. |
|
118 |
|
119 .. confval:: cubicweb.auth.authtkt.session.reissue_time (int) |
|
120 |
|
121 (120) Reissue time. |
|
122 |
|
123 The second policy handles persistent authentication. It doesn't get |
|
124 activated if `remember()` is called with `persistent=True`: |
|
125 |
|
126 .. confval:: cubicweb.auth.authtkt.persistent.cookie_name (str) |
|
127 |
|
128 ('auth_tkt') The cookie name. Must be different from the session |
|
129 authentication cookie name. |
|
130 |
|
131 .. confval:: cubicweb.auth.authtkt.persistent.max_age (int) |
|
132 |
|
133 (30 days) Max age in seconds. |
|
134 |
|
135 .. confval:: cubicweb.auth.authtkt.persistent.reissue_time (int) |
|
136 |
|
137 (1 day) Reissue time in seconds. |
|
138 |
|
139 .. confval:: cubicweb.auth.groups_principals (bool) |
|
140 |
|
141 (True) Setup a callback on the authentication stack that inject the user |
|
142 groups in the principals. |