def includeme(config):
"""Setup basic adhocracy."""
settings = config.registry.settings
config.include('pyramid_zodbconn')
config.include('pyramid_mako')
config.hook_zca() # global adapter lookup (used by adhocracy_core.utils)
authz_policy = RoleACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
authn_secret = settings.get('substanced.secret')
authn_timeout = 60 * 60 * 24 * 30
authn_policy = TokenHeaderAuthenticationPolicy(
authn_secret,
groupfinder=groups_and_roles_finder,
timeout=authn_timeout)
config.set_authentication_policy(authn_policy)
config.include('.authentication')
config.include('.evolution')
config.include('.events')
config.include('.content')
config.include('.changelog')
config.include('.graph')
config.include('.catalog')
config.include('.caching')
config.include('.messaging')
config.include('.sheets')
config.include('.resources')
config.include('.workflows')
config.include('.websockets')
config.include('.rest')
config.include('.stats')
if settings.get('adhocracy.add_test_users', False):
from adhocracy_core.testing import add_create_test_users_subscriber
add_create_test_users_subscriber(config)
def _register_authentication_policy(self):
from adhocracy_core.authentication import TokenHeaderAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy
authz_policy = ACLAuthorizationPolicy()
self.config.set_authorization_policy(authz_policy)
authn_policy = TokenHeaderAuthenticationPolicy('secret')
self.config.set_authentication_policy(authn_policy)
def _create_authentication_policy(config: Configurator)\
-> IAuthenticationPolicy:
settings = config.registry['config'].configurator
secret = settings.substanced.secret
groupfinder = groups_and_roles_finder
timeout = 60 * 60 * 24 * 30
multi_policy = MultiRouteAuthenticationPolicy()
token_policy = TokenHeaderAuthenticationPolicy(secret,
algorithm='HS512',
callback=groupfinder,
timeout=timeout)
multi_policy.add_policy(API_ROUTE_NAME, token_policy)
session_factory = SignedCookieSessionFactory(secret,
httponly=True,
timeout=timeout)
config.set_session_factory(session_factory)
session_policy = AuthTktAuthenticationPolicy(secret,
hashalg='sha512',
http_only=True,
callback=groupfinder,
timeout=timeout)
multi_policy.add_policy(SDI_ROUTE_NAME, session_policy)
return multi_policy
def make_one(self, secret, **kw):
from adhocracy_core.authentication import TokenHeaderAuthenticationPolicy
return TokenHeaderAuthenticationPolicy(secret, **kw)