def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
Base.metadata.bind = engine
session_factory = UnencryptedCookieSessionFactoryConfig(
settings['secret_key'])
config = Configurator(settings=settings,
root_factory='composting.models.base.RootFactory',
session_factory=session_factory)
config.set_authentication_policy(
AuthTktAuthenticationPolicy(settings['secret_key'],
callback=group_finder,
hashalg='sha512'))
config.set_authorization_policy(ACLAuthorizationPolicy())
config.set_default_permission('authenticated')
logging.config.fileConfig(global_config['__file__'],
disable_existing_loggers=False)
# configure password context
pwd_context.load_path(global_config['__file__'])
# include ourselves
includeme(config)
return config.make_wsgi_app()
def configure_auth(config):
def get_current_user(request):
# NOTE: we have to use unauthenticated_userid below. This just cracks open
# the auth cookie and returns the id therein without further verification.
# Specifically, we cannot use authenticated_userid because this will call
# get_principals, defined below. This would cause infinite recursion.
uid = unauthenticated_userid(request)
user = logic.user.try_get(uid) if uid is not None else None
return user
def get_impersonator_user(request):
uid = request.session.get('impersonator_id')
user = logic.user.try_get(uid) if uid is not None else None
return user
def get_principals(user_id, request):
""" Return the set of security principals for this request. None means
unauthenticated, empty list means authenticated but has no principals
associated.
"""
user = request.current_user
impersonator = request.impersonator_user
if user:
principals = [str(user.id)] # at minimum, user is his own principal
principals.extend(user.groups or [])
if impersonator:
principals.extend(impersonator.groups or [])
principals = list(set(principals))
else:
principals = None
return principals
the_settings = config.registry.settings
policy = AuthTktAuthenticationPolicy(
the_settings['giza.authn_secret'],
hashalg='sha512',
callback=get_principals,
cookie_name=str(the_settings['giza.auth_cookie']) # can't be unicode
)
config.set_authentication_policy(policy)
config.set_authorization_policy(ACLAuthorizationPolicy())
config.add_request_method(get_current_user, str('current_user'), reify=True)
config.add_request_method(get_impersonator_user, str('impersonator_user'), reify=True)
session_cookie_name = str(the_settings['giza.session_cookie']) # can't be unicode
session_secret = str(the_settings['giza.session_secret'])
factory = UnencryptedCookieSessionFactoryConfig(
session_secret,
timeout=86400*365,
cookie_max_age=86400*365,
cookie_name=session_cookie_name,
)
config.set_session_factory(factory)
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
Base.metadata.bind = engine
session_factory = SignedCookieSessionFactory(
settings['secret_key'])
config = Configurator(settings=settings,
root_factory='whoahqa.models.RootFactory',
session_factory=session_factory)
config.set_authentication_policy(
AuthTktAuthenticationPolicy(settings['secret_key'],
callback=group_finder,
hashalg='sha512'))
config.set_authorization_policy(ACLAuthorizationPolicy())
config.set_default_permission(perms.AUTHENTICATED)
# Add custom renderers
config.add_renderer('csv', 'whoahqa.renderers.CSVRenderer')
# Add request object helpers
add_request_helpers(config)
# setup the hashid salt
hashid._salt = settings['hashid_salt']
# add locale directory to project configuration
config.add_translation_dirs('whoahqa:locale')
# configure enketo
enketo.configure(
settings['enketo_url'],
settings['enketo_api_token'])
logging.config.fileConfig(
global_config['__file__'], disable_existing_loggers=False)
# configure password context
pwd_context.load_path(global_config['__file__'])
includeme(config)
if settings.get("environment", "") == DEVELOPMENT_ENV:
setup_development_data()
return config.make_wsgi_app()
def main(global_config, **settings):
logging.config.fileConfig(settings['logging.config'], disable_existing_loggers=False)
""" This function returns a Pyramid WSGI application.
"""
config = Configurator(settings=settings, root_factory='jungo.model.RootFactory')
config.include('pyramid_chameleon')
config.add_static_view('static', 'static', cache_max_age=3600)
config.add_route('home', '/old-home')
config.add_route('search', '/')
config.add_route('common_interests', '/common-interests')
config.add_route('profile', '/me')
config.add_route('user', '/user/{username}')
config.add_route('login', '/login')
config.add_route('logout', '/logout')
config.add_route('interest_match', '/interest-match/{username}/{interest_id}')
config.add_route('api_add_user', '/api/user', request_method='POST')
config.add_route('api_user', '/api/user/{username}', request_method='GET')
config.add_route('api_add_interests', '/api/user/{username}/interests', request_method='POST')
config.add_route('api_common_interests', '/api/common-interests', request_method='GET')
authn_policy = AuthTktAuthenticationPolicy('super secret magic', callback=groupfinder, hashalg='sha512')
authz_policy = ACLAuthorizationPolicy()
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(authz_policy)
config.set_session_factory(session_factory)
db_url = settings['mongo_uri']
config.registry.client = pymongo.MongoClient(db_url)
def add_db(request):
uri = urlparse.urlparse(db_url)
db = config.registry.client[uri.path[1:]]
if uri.username and uri.password:
db.authenticate(uri.username, uri.password)
return DataStore(db)
add_db(None).create_indices()
config.add_request_method(add_db, 'db', reify=True)
config.scan()
return config.make_wsgi_app()
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application."""
session_factory = SignedCookieSessionFactory('itsaseekreet',
max_age=31536000,
timeout=31536000) # TODO:
# support logging in python3
logging.config.fileConfig(settings['logging.config'],
disable_existing_loggers=False)
config = Configurator(settings=settings,
session_factory=session_factory,
root_factory=Root)
# Addons
config.include('pyramid_chameleon')
# Security policies
authn_policy = AuthTktAuthenticationPolicy(
'qwerty',
callback=groupfinder, # TODO:
hashalg='sha512')
authz_policy = ACLAuthorizationPolicy()
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(authz_policy)
# Routing
config.add_route('home', '/')
config.add_route('second', '/second')
config.add_route('login', '/login')
config.add_route('auth', '/auth')
config.add_route('logout', '/logout')
config.add_static_view('deform_static', 'deform:static/')
config.scan()
return config.make_wsgi_app()
