[migration] Drop cw_schema relation first
without this, we ends up with the traceback shown at
https://www.cubicweb.org/ticket/16130960. This is not the proper fix, which
I have not been able to find. It seems due to this very rare case of deletion
of such relation linked to CWRType vs order of execution of operation (in this
case, the operation deleting the entity table is run before some other queries
using it).
As forcing this relation to be deleted before the entity type fixes the problem
while this case seems rare enough, IMO this patch is "good enough".
Closes #16130960
Authentication
==============
Overview
--------
A default authentication stack is provided by the :mod:`cubicweb.pyramid.auth`
module, which is included by :mod:`cubicweb.pyramid.default`.
The authentication stack is built around `pyramid_multiauth`_, and provides a
few default policies that reproduce the default cubicweb behavior.
.. note::
Note that this module only provides an authentication policy, not the views
that handle the login form. See :ref:`login_module`
Customize
---------
The default policies can be individually deactivated, as well as the default
authentication callback that returns the current user groups as :term:`principals`.
The following settings can be set to `False`:
- :confval:`cubicweb.auth.update_login_time`. Activate the policy that update
the user `login_time` when `remember` is called.
- :confval:`cubicweb.auth.authtkt` and all its subvalues.
- :confval:`cubicweb.auth.groups_principals`
Additionnal policies can be added by accessing the MultiAuthenticationPolicy
instance in the registry:
.. code-block:: python
mypolicy = SomePolicy()
authpolicy = config.registry['cubicweb.authpolicy']
authpolicy._policies.append(mypolicy)
.. _pyramid_multiauth: https://github.com/mozilla-services/pyramid_multiauth