Beispiel #1
0
def main(global_config, **settings):
    """ This function returns a Pyramid WSGI application.
    """
    engine = engine_from_config(settings, 'sqlalchemy.')
    DBSession.configure(bind=engine)
    Base.metadata.bind = engine
    session_factory = UnencryptedCookieSessionFactoryConfig(
        settings['secret_key'])
    config = Configurator(settings=settings,
                          root_factory='composting.models.base.RootFactory',
                          session_factory=session_factory)
    config.set_authentication_policy(
        AuthTktAuthenticationPolicy(settings['secret_key'],
                                    callback=group_finder,
                                    hashalg='sha512'))

    config.set_authorization_policy(ACLAuthorizationPolicy())
    config.set_default_permission('authenticated')

    logging.config.fileConfig(global_config['__file__'],
                              disable_existing_loggers=False)

    # configure password context
    pwd_context.load_path(global_config['__file__'])

    # include ourselves
    includeme(config)
    return config.make_wsgi_app()
Beispiel #2
0
def configure_auth(config):
    def get_current_user(request):
        # NOTE: we have to use unauthenticated_userid below. This just cracks open
        # the auth cookie and returns the id therein without further verification.
        # Specifically, we cannot use authenticated_userid because this will call
        # get_principals, defined below. This would cause infinite recursion.
        uid = unauthenticated_userid(request)
        user = logic.user.try_get(uid) if uid is not None else None
        return user

    def get_impersonator_user(request):
        uid = request.session.get('impersonator_id')
        user = logic.user.try_get(uid) if uid is not None else None
        return user

    def get_principals(user_id, request):
        """ Return the set of security principals for this request. None means
        unauthenticated, empty list means authenticated but has no principals
        associated.
        """
        user = request.current_user
        impersonator = request.impersonator_user

        if user:
            principals = [str(user.id)] # at minimum, user is his own principal
            principals.extend(user.groups or [])
            if impersonator:
                principals.extend(impersonator.groups or [])
            principals = list(set(principals))
        else:
            principals = None

        return principals

    the_settings = config.registry.settings

    policy = AuthTktAuthenticationPolicy(
        the_settings['giza.authn_secret'],
        hashalg='sha512',
        callback=get_principals,
        cookie_name=str(the_settings['giza.auth_cookie']) # can't be unicode
    )
    config.set_authentication_policy(policy)
    config.set_authorization_policy(ACLAuthorizationPolicy())

    config.add_request_method(get_current_user, str('current_user'), reify=True)
    config.add_request_method(get_impersonator_user, str('impersonator_user'), reify=True)

    session_cookie_name = str(the_settings['giza.session_cookie']) # can't be unicode
    session_secret = str(the_settings['giza.session_secret'])
    factory = UnencryptedCookieSessionFactoryConfig(
        session_secret,
        timeout=86400*365,
        cookie_max_age=86400*365,
        cookie_name=session_cookie_name,
    )
    config.set_session_factory(factory)
Beispiel #3
0
def main(global_config, **settings):
    """ This function returns a Pyramid WSGI application.
    """
    engine = engine_from_config(settings, 'sqlalchemy.')
    DBSession.configure(bind=engine)
    Base.metadata.bind = engine
    session_factory = SignedCookieSessionFactory(
        settings['secret_key'])
    config = Configurator(settings=settings,
                          root_factory='whoahqa.models.RootFactory',
                          session_factory=session_factory)
    config.set_authentication_policy(
        AuthTktAuthenticationPolicy(settings['secret_key'],
                                    callback=group_finder,
                                    hashalg='sha512'))

    config.set_authorization_policy(ACLAuthorizationPolicy())
    config.set_default_permission(perms.AUTHENTICATED)

    # Add custom renderers
    config.add_renderer('csv', 'whoahqa.renderers.CSVRenderer')

    # Add request object helpers
    add_request_helpers(config)

    # setup the hashid salt
    hashid._salt = settings['hashid_salt']

    # add locale directory to project configuration
    config.add_translation_dirs('whoahqa:locale')

    # configure enketo
    enketo.configure(
        settings['enketo_url'],
        settings['enketo_api_token'])

    logging.config.fileConfig(
        global_config['__file__'], disable_existing_loggers=False)

    # configure password context
    pwd_context.load_path(global_config['__file__'])

    includeme(config)

    if settings.get("environment", "") == DEVELOPMENT_ENV:
        setup_development_data()

    return config.make_wsgi_app()
Beispiel #4
0
def main(global_config, **settings):
    logging.config.fileConfig(settings['logging.config'], disable_existing_loggers=False)
    """ This function returns a Pyramid WSGI application.
    """
    config = Configurator(settings=settings, root_factory='jungo.model.RootFactory')
    config.include('pyramid_chameleon')
    config.add_static_view('static', 'static', cache_max_age=3600)
    config.add_route('home', '/old-home')
    config.add_route('search', '/')
    config.add_route('common_interests', '/common-interests')
    config.add_route('profile', '/me')
    config.add_route('user', '/user/{username}')

    config.add_route('login', '/login')
    config.add_route('logout', '/logout')

    config.add_route('interest_match', '/interest-match/{username}/{interest_id}')
    config.add_route('api_add_user', '/api/user', request_method='POST')
    config.add_route('api_user', '/api/user/{username}', request_method='GET')
    config.add_route('api_add_interests', '/api/user/{username}/interests', request_method='POST')
    config.add_route('api_common_interests', '/api/common-interests', request_method='GET')

    authn_policy = AuthTktAuthenticationPolicy('super secret magic', callback=groupfinder, hashalg='sha512')
    authz_policy = ACLAuthorizationPolicy()
    config.set_authentication_policy(authn_policy)
    config.set_authorization_policy(authz_policy)

    config.set_session_factory(session_factory)

    db_url = settings['mongo_uri']

    config.registry.client = pymongo.MongoClient(db_url)

    def add_db(request):
        uri = urlparse.urlparse(db_url)
        db = config.registry.client[uri.path[1:]]
        if uri.username and uri.password:
            db.authenticate(uri.username, uri.password)
        return DataStore(db)

    add_db(None).create_indices()

    config.add_request_method(add_db, 'db', reify=True)

    config.scan()

    return config.make_wsgi_app()
Beispiel #5
0
def main(global_config, **settings):
    """ This function returns a Pyramid WSGI application."""

    session_factory = SignedCookieSessionFactory('itsaseekreet',
                                                 max_age=31536000,
                                                 timeout=31536000)  # TODO:

    # support logging in python3
    logging.config.fileConfig(settings['logging.config'],
                              disable_existing_loggers=False)

    config = Configurator(settings=settings,
                          session_factory=session_factory,
                          root_factory=Root)

    # Addons
    config.include('pyramid_chameleon')

    # Security policies
    authn_policy = AuthTktAuthenticationPolicy(
        'qwerty',
        callback=groupfinder,  # TODO:
        hashalg='sha512')
    authz_policy = ACLAuthorizationPolicy()
    config.set_authentication_policy(authn_policy)
    config.set_authorization_policy(authz_policy)

    # Routing
    config.add_route('home', '/')
    config.add_route('second', '/second')
    config.add_route('login', '/login')
    config.add_route('auth', '/auth')
    config.add_route('logout', '/logout')
    config.add_static_view('deform_static', 'deform:static/')
    config.scan()

    return config.make_wsgi_app()