def setup_auth(app,
authmetadata,
form_plugin=None,
form_identifies=True,
cookie_secret='secret',
cookie_name='authtkt',
login_url='/login',
login_handler='/login_handler',
post_login_url=None,
logout_handler='/logout_handler',
post_logout_url=None,
login_counter_name=None,
cookie_timeout=None,
cookie_reissue_time=None,
**who_args):
"""
Sets :mod:`repoze.who` up with the provided authenticators and
options to create FriendlyFormPlugin/FastFormPlugin.
It returns a middleware that provides identification,
authentication and authorization in a way that is compatible
with repoze.who and repoze.what.
"""
if 'charset' in who_args: #pragma: no cover
log.warn('charset argument in authentication setup is ignored')
who_args.pop('charset')
# If no identifiers are provided in repoze setup arguments
# then create a default one using AuthTktCookiePlugin.
if 'identifiers' not in who_args:
from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
cookie = AuthTktCookiePlugin(cookie_secret,
cookie_name,
timeout=cookie_timeout,
reissue_time=cookie_reissue_time)
who_args['identifiers'] = [('cookie', cookie)]
who_args['authenticators'].insert(0, ('cookie', cookie))
# If no form plugin is provided then create a default
# one using the provided options.
if form_plugin is None:
from tg.configuration.auth.fastform import FastFormPlugin
form = FastFormPlugin(login_url,
login_handler,
post_login_url,
logout_handler,
post_logout_url,
rememberer_name='cookie',
login_counter_name=login_counter_name)
else:
form = form_plugin
if form_identifies:
who_args['identifiers'].insert(0, ('main_identifier', form))
# Setting the repoze.who challengers:
if 'challengers' not in who_args:
who_args['challengers'] = []
who_args['challengers'].append(('form', form))
# Including logging
log_file = who_args.pop('log_file', None)
if log_file is not None:
if log_file.lower() == 'stdout':
log_stream = sys.stdout
elif log_file.lower() == 'stderr':
log_stream = sys.stderr
else:
log_stream = open(log_file, 'wb')
who_args['log_stream'] = log_stream
log_level = who_args.get('log_level', None)
if log_level is None:
log_level = logging.INFO
else:
log_level = _LEVELS[log_level.lower()]
who_args['log_level'] = log_level
# Setting up the metadata provider for the user informations
if 'mdproviders' not in who_args:
who_args['mdproviders'] = []
if authmetadata:
authmd = _AuthMetadataProvider(authmetadata)
who_args['mdproviders'].append(('authmd', authmd))
# Set up default classifier
if 'classifier' not in who_args:
who_args['classifier'] = default_request_classifier
# Set up default challenger decider
if 'challenge_decider' not in who_args:
who_args['challenge_decider'] = turbogears_challenge_decider
skip_authn = who_args.pop('skip_authentication', False)
if asbool(skip_authn):
return _AuthenticationForgerMiddleware(app, **who_args)
else:
return PluggableAuthenticationMiddleware(app, **who_args)
def setup(self):
self.fform = FastFormPlugin('/login', '/login_handler', '/post_login',
'/logout_handler', '/post_logout',
'cookie')
