[migration] Avoid unnecessary intermediary commit when migrating a schema
Those are low-hanging fruit following changes in ac74476d686c (Fix addition of
entity type including boundary constraints on its own attributes): this is no
more necesary to commit the get a new relation type definition in the schema.
At some point we could/should probably do more on this topic to avoid
intermediary commit on e.g. entity type addition, but this requires more work.
Authentication
==============
Overview
--------
A default authentication stack is provided by the :mod:`cubicweb.pyramid.auth`
module, which is included by :mod:`cubicweb.pyramid.default`.
The authentication stack is built around `pyramid_multiauth`_, and provides a
few default policies that reproduce the default cubicweb behavior.
.. note::
Note that this module only provides an authentication policy, not the views
that handle the login form. See :ref:`login_module`
Customize
---------
The default policies can be individually deactivated, as well as the default
authentication callback that returns the current user groups as :term:`principals`.
The following settings can be set to `False`:
- :confval:`cubicweb.auth.update_login_time`. Activate the policy that update
the user `login_time` when `remember` is called.
- :confval:`cubicweb.auth.authtkt` and all its subvalues.
- :confval:`cubicweb.auth.groups_principals`
Additionnal policies can be added by accessing the MultiAuthenticationPolicy
instance in the registry:
.. code-block:: python
mypolicy = SomePolicy()
authpolicy = config.registry['cubicweb.authpolicy']
authpolicy._policies.append(mypolicy)
.. _pyramid_multiauth: https://github.com/mozilla-services/pyramid_multiauth