equal
deleted
inserted
replaced
|
1 Authentication |
|
2 ============== |
|
3 |
|
4 Overview |
|
5 -------- |
|
6 |
|
7 A default authentication stack is provided by the :mod:`cubicweb.pyramid.auth` |
|
8 module, which is included by :mod:`cubicweb.pyramid.default`. |
|
9 |
|
10 The authentication stack is built around `pyramid_multiauth`_, and provides a |
|
11 few default policies that reproduce the default cubicweb behavior. |
|
12 |
|
13 .. note:: |
|
14 |
|
15 Note that this module only provides an authentication policy, not the views |
|
16 that handle the login form. See :ref:`login_module` |
|
17 |
|
18 Customize |
|
19 --------- |
|
20 |
|
21 The default policies can be individually deactivated, as well as the default |
|
22 authentication callback that returns the current user groups as :term:`principals`. |
|
23 |
|
24 The following settings can be set to `False`: |
|
25 |
|
26 - :confval:`cubicweb.auth.update_login_time`. Activate the policy that update |
|
27 the user `login_time` when `remember` is called. |
|
28 - :confval:`cubicweb.auth.authtkt` and all its subvalues. |
|
29 - :confval:`cubicweb.auth.groups_principals` |
|
30 |
|
31 Additionnal policies can be added by accessing the MultiAuthenticationPolicy |
|
32 instance in the registry: |
|
33 |
|
34 .. code-block:: python |
|
35 |
|
36 mypolicy = SomePolicy() |
|
37 authpolicy = config.registry['cubicweb.authpolicy'] |
|
38 authpolicy._policies.append(mypolicy) |
|
39 |
|
40 .. _pyramid_multiauth: https://github.com/mozilla-services/pyramid_multiauth |