Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc/book/pyramid/settings.rst
author Philippe Pepiot <philippe.pepiot@logilab.fr>
Thu, 19 Jan 2017 15:27:39 +0100
changeset 11899 bf6106b91633
parent 11631 faf279e33298
child 12098 452129511244
permissions -rw-r--r--
[schema] load schema from modules names instead of directories Introspect cubicweb, cubes and apphome using pkgutil to generate the full list of modules names for loading the schema. Keep historical behavior and check if source .py file exists if a module is found using python bytecode file (.pyc and .pyo) Loading schema from apphome require apphome to be present in sys.path and that "schema" module resolve to a file located in apphome. Update migraction tests to explicitely update sys.path when loading schema from different apps, use a contextmanager for this so it's more readable. Require updated logilab-common and yams

Settings
========

.. _cubicweb_settings:

Cubicweb Settings
-----------------

Pyramid CubicWeb will **not** make use of the configuration entries
found in the cubicweb configuration (a.k.a. `all-in-one.conf`) for any
pyramid related configuration value.


.. _pyramid_settings:

Pyramid Settings
----------------

If a ``pyramid.ini`` file is found in the instance home directory (where the
``all-in-one.conf`` file is), its ``[main]`` section will be read and used as the
``settings`` of the pyramid Configurator.

This configuration file is almost the same as the one read by ``pserve``, which
allow to easily add any pyramid extension and configure it.

A typical ``pyramid.ini`` file is:

.. code-block:: ini

    [main]
    pyramid.includes =
        pyramid_redis_sessions

    cubicweb.defaults = no
    cubicweb.includes =
        cubicweb.pyramid.auth
        cubicweb.pyramid.login

    cubicweb.profile = no

    redis.sessions.secret = your_cookie_signing_secret
    redis.sessions.timeout = 1200

    redis.sessions.host = mywheezy

The Pyramid CubicWeb specific configuration entries are:

.. confval:: cubicweb.instance (string)

    A CubicWeb instance name. Useful when the application is not run by
    :ref:`cubicweb-ctl_pyramid`.

.. confval:: cubicweb.debug (bool)

    Enables the cubicweb debugmode. Works only if the instance is setup by
    :confval:`cubicweb.instance`.

    Unlike when the debugmode is set by the :option:`cubicweb-ctl pyramid --debug-mode`
    command, the pyramid debug options are untouched.

.. confval:: cubicweb.includes (list)

    Same as ``pyramid.includes``, but the includes are done after the cubicweb
    specific registry entries are initialized.

    Useful to include extensions that requires these entries.

.. confval:: cubicweb.bwcompat (bool)

    (True) Enable/disable backward compatibility. See :ref:`bwcompat_module`.

.. confval:: cubicweb.bwcompat.errorhandler (bool)

    (True) Enable/disable the backward compatibility error handler.
    Set to 'no' if you need to define your own error handlers.

.. confval:: cubicweb.defaults (bool)

    (True) Enable/disable defaults. See :ref:`defaults_module`.

.. confval:: cubicweb.profile (bool)

    (False) Enable/disable profiling. See :ref:`profiling`.

.. confval:: cubicweb.auth.update_login_time (bool)

    (True) Add a :class:`cubicweb.pyramid.auth.UpdateLoginTimeAuthenticationPolicy`
    policy, that update the CWUser.login_time attribute when a user login.
    
.. confval:: cubicweb.auth.authtkt (bool)

    (True) Enables the 2 cookie-base auth policies, which activate/deactivate
    depending on the `persistent` argument passed to `remember`.

    The default login views set persistent to True if a `__setauthcookie`
    parameters is passed to them, and evals to True in
    :func:`pyramid.settings.asbool`.

    The configuration values of the policies are arguments for
    :class:`pyramid.authentication.AuthTktAuthenticationPolicy`.

    The first policy handles session authentication. It doesn't get
    activated if `remember()` is called with `persistent=False`:

    .. confval:: cubicweb.auth.authtkt.session.cookie_name (str)

        ('auth_tkt') The cookie name. Must be different from the persistent
        authentication cookie name.

    .. confval:: cubicweb.auth.authtkt.session.timeout (int)

        (1200) Cookie timeout.

    .. confval:: cubicweb.auth.authtkt.session.reissue_time (int)

        (120) Reissue time.

    The second policy handles persistent authentication. It doesn't get
    activated if `remember()` is called with `persistent=True`:

    .. confval:: cubicweb.auth.authtkt.persistent.cookie_name (str)

        ('auth_tkt') The cookie name. Must be different from the session
        authentication cookie name.

    .. confval:: cubicweb.auth.authtkt.persistent.max_age (int)

        (30 days) Max age in seconds.

    .. confval:: cubicweb.auth.authtkt.persistent.reissue_time (int)

        (1 day) Reissue time in seconds.

    Both policies set the ``secure`` flag to ``True`` by default, meaning that
    cookies will only be sent back over a secure connection (see
    `Authentication Policies documentation`_ for details). This can be
    configured through :confval:`cubicweb.auth.authtkt.persistent.secure` and
    :confval:`cubicweb.auth.authtkt.session.secure` configuration options.

    .. _`Authentication Policies documentation`: \
        http://docs.pylonsproject.org/projects/pyramid/en/latest/api/authentication.html

.. confval:: cubicweb.auth.groups_principals (bool)

    (True) Setup a callback on the authentication stack that inject the user
    groups in the principals.
cubicweb