def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) Base.metadata.bind = engine session_factory = UnencryptedCookieSessionFactoryConfig( settings['secret_key']) config = Configurator(settings=settings, root_factory='composting.models.base.RootFactory', session_factory=session_factory) config.set_authentication_policy( AuthTktAuthenticationPolicy(settings['secret_key'], callback=group_finder, hashalg='sha512')) config.set_authorization_policy(ACLAuthorizationPolicy()) config.set_default_permission('authenticated') logging.config.fileConfig(global_config['__file__'], disable_existing_loggers=False) # configure password context pwd_context.load_path(global_config['__file__']) # include ourselves includeme(config) return config.make_wsgi_app()
def configure_auth(config): def get_current_user(request): # NOTE: we have to use unauthenticated_userid below. This just cracks open # the auth cookie and returns the id therein without further verification. # Specifically, we cannot use authenticated_userid because this will call # get_principals, defined below. This would cause infinite recursion. uid = unauthenticated_userid(request) user = logic.user.try_get(uid) if uid is not None else None return user def get_impersonator_user(request): uid = request.session.get('impersonator_id') user = logic.user.try_get(uid) if uid is not None else None return user def get_principals(user_id, request): """ Return the set of security principals for this request. None means unauthenticated, empty list means authenticated but has no principals associated. """ user = request.current_user impersonator = request.impersonator_user if user: principals = [str(user.id)] # at minimum, user is his own principal principals.extend(user.groups or []) if impersonator: principals.extend(impersonator.groups or []) principals = list(set(principals)) else: principals = None return principals the_settings = config.registry.settings policy = AuthTktAuthenticationPolicy( the_settings['giza.authn_secret'], hashalg='sha512', callback=get_principals, cookie_name=str(the_settings['giza.auth_cookie']) # can't be unicode ) config.set_authentication_policy(policy) config.set_authorization_policy(ACLAuthorizationPolicy()) config.add_request_method(get_current_user, str('current_user'), reify=True) config.add_request_method(get_impersonator_user, str('impersonator_user'), reify=True) session_cookie_name = str(the_settings['giza.session_cookie']) # can't be unicode session_secret = str(the_settings['giza.session_secret']) factory = UnencryptedCookieSessionFactoryConfig( session_secret, timeout=86400*365, cookie_max_age=86400*365, cookie_name=session_cookie_name, ) config.set_session_factory(factory)
def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) Base.metadata.bind = engine session_factory = SignedCookieSessionFactory( settings['secret_key']) config = Configurator(settings=settings, root_factory='whoahqa.models.RootFactory', session_factory=session_factory) config.set_authentication_policy( AuthTktAuthenticationPolicy(settings['secret_key'], callback=group_finder, hashalg='sha512')) config.set_authorization_policy(ACLAuthorizationPolicy()) config.set_default_permission(perms.AUTHENTICATED) # Add custom renderers config.add_renderer('csv', 'whoahqa.renderers.CSVRenderer') # Add request object helpers add_request_helpers(config) # setup the hashid salt hashid._salt = settings['hashid_salt'] # add locale directory to project configuration config.add_translation_dirs('whoahqa:locale') # configure enketo enketo.configure( settings['enketo_url'], settings['enketo_api_token']) logging.config.fileConfig( global_config['__file__'], disable_existing_loggers=False) # configure password context pwd_context.load_path(global_config['__file__']) includeme(config) if settings.get("environment", "") == DEVELOPMENT_ENV: setup_development_data() return config.make_wsgi_app()
def main(global_config, **settings): logging.config.fileConfig(settings['logging.config'], disable_existing_loggers=False) """ This function returns a Pyramid WSGI application. """ config = Configurator(settings=settings, root_factory='jungo.model.RootFactory') config.include('pyramid_chameleon') config.add_static_view('static', 'static', cache_max_age=3600) config.add_route('home', '/old-home') config.add_route('search', '/') config.add_route('common_interests', '/common-interests') config.add_route('profile', '/me') config.add_route('user', '/user/{username}') config.add_route('login', '/login') config.add_route('logout', '/logout') config.add_route('interest_match', '/interest-match/{username}/{interest_id}') config.add_route('api_add_user', '/api/user', request_method='POST') config.add_route('api_user', '/api/user/{username}', request_method='GET') config.add_route('api_add_interests', '/api/user/{username}/interests', request_method='POST') config.add_route('api_common_interests', '/api/common-interests', request_method='GET') authn_policy = AuthTktAuthenticationPolicy('super secret magic', callback=groupfinder, hashalg='sha512') authz_policy = ACLAuthorizationPolicy() config.set_authentication_policy(authn_policy) config.set_authorization_policy(authz_policy) config.set_session_factory(session_factory) db_url = settings['mongo_uri'] config.registry.client = pymongo.MongoClient(db_url) def add_db(request): uri = urlparse.urlparse(db_url) db = config.registry.client[uri.path[1:]] if uri.username and uri.password: db.authenticate(uri.username, uri.password) return DataStore(db) add_db(None).create_indices() config.add_request_method(add_db, 'db', reify=True) config.scan() return config.make_wsgi_app()
def main(global_config, **settings): """ This function returns a Pyramid WSGI application.""" session_factory = SignedCookieSessionFactory('itsaseekreet', max_age=31536000, timeout=31536000) # TODO: # support logging in python3 logging.config.fileConfig(settings['logging.config'], disable_existing_loggers=False) config = Configurator(settings=settings, session_factory=session_factory, root_factory=Root) # Addons config.include('pyramid_chameleon') # Security policies authn_policy = AuthTktAuthenticationPolicy( 'qwerty', callback=groupfinder, # TODO: hashalg='sha512') authz_policy = ACLAuthorizationPolicy() config.set_authentication_policy(authn_policy) config.set_authorization_policy(authz_policy) # Routing config.add_route('home', '/') config.add_route('second', '/second') config.add_route('login', '/login') config.add_route('auth', '/auth') config.add_route('logout', '/logout') config.add_static_view('deform_static', 'deform:static/') config.scan() return config.make_wsgi_app()