def includeme(config): # Register our login service config.register_service_factory(database_login_factory, IUserService) # Register our token services config.register_service_factory(TokenServiceFactory(name="password"), ITokenService, name="password") config.register_service_factory(TokenServiceFactory(name="email"), ITokenService, name="email") # Register our password breach detection service. config.register_service_factory(hibp_password_breach_factory, IPasswordBreachedService) # Register our authentication and authorization policies config.set_authentication_policy( MultiAuthenticationPolicy([ SessionAuthenticationPolicy(callback=_authenticate), BasicAuthAuthenticationPolicy(check=_login_via_basic_auth), ])) config.set_authorization_policy(ACLAuthorizationPolicy()) # Add a request method which will allow people to access the user object. config.add_request_method(_user, name="user", reify=True) # Register the rate limits that we're going to be using for our login # attempts config.register_service_factory(RateLimit("10 per 5 minutes"), IRateLimiter, name="user.login") config.register_service_factory(RateLimit("1000 per 5 minutes"), IRateLimiter, name="global.login")
def includeme(config): # Register our login service config.register_service_factory(database_login_factory, IUserService) config.register_service_factory(user_token_factory, IUserTokenService) # Register our authentication and authorization policies config.set_authentication_policy( MultiAuthenticationPolicy([ SessionAuthenticationPolicy(callback=_authenticate), BasicAuthAuthenticationPolicy(check=_login), ]), ) config.set_authorization_policy(ACLAuthorizationPolicy()) # Add a request method which will allow people to access the user object. config.add_request_method(_user, name="user", reify=True) # Register the rate limits that we're going to be using for our login # attempts config.register_service_factory( RateLimit("10 per 5 minutes"), IRateLimiter, name="user.login", ) config.register_service_factory( RateLimit("1000 per 5 minutes"), IRateLimiter, name="global.login", )
def includeme(config): # Register our login service config.register_service_factory(database_login_factory, IUserService) # Register our authentication and authorization policies config.set_authentication_policy( MultiAuthenticationPolicy([ SessionAuthenticationPolicy(callback=_authenticate), BasicAuthAuthenticationPolicy(check=_login), ]), ) config.set_authorization_policy(ACLAuthorizationPolicy()) # Add a request method which will allow people to access the user object. config.add_request_method(_user, name="user", reify=True)
def includeme(config): # Register our login service config.register_service_factory(database_login_factory, IUserService) # Register our token services config.register_service_factory( TokenServiceFactory(name="password"), ITokenService, name="password" ) config.register_service_factory( TokenServiceFactory(name="email"), ITokenService, name="email" ) config.register_service_factory( TokenServiceFactory(name="two_factor"), ITokenService, name="two_factor" ) # Register our password breach detection service. breached_pw_class = config.maybe_dotted( config.registry.settings.get( "breached_passwords.backend", HaveIBeenPwnedPasswordBreachedService ) ) config.register_service_factory( breached_pw_class.create_service, IPasswordBreachedService ) # Register our authentication and authorization policies config.set_authentication_policy( MultiAuthenticationPolicy( [ SessionAuthenticationPolicy(callback=_authenticate), BasicAuthAuthenticationPolicy(check=_basic_auth_login), MacaroonAuthenticationPolicy(callback=_authenticate), ] ) ) config.set_authorization_policy( MacaroonAuthorizationPolicy(policy=ACLAuthorizationPolicy()) ) # Add a request method which will allow people to access the user object. config.add_request_method(_user, name="user", reify=True) # Register the rate limits that we're going to be using for our login # attempts config.register_service_factory( RateLimit("10 per 5 minutes"), IRateLimiter, name="user.login" ) config.register_service_factory( RateLimit("1000 per 5 minutes"), IRateLimiter, name="global.login" )