def add_auth_middleware(self, app, skip_authentication): """ Configure authentication and authorization. :param app: The TG2 application. :param skip_authentication: Should authentication be skipped if explicitly requested? (used by repoze.who-testutil) :type skip_authentication: bool """ from repoze.what.plugins.pylonshq import booleanize_predicates # Predicates booleanized: booleanize_predicates() # Configuring auth logging: if 'log_stream' not in self.sa_auth: self.sa_auth['log_stream'] = logging.getLogger('auth') # Removing keywords not used by repoze.who: auth_args = copy(self.sa_auth) if 'sa_auth' in config: auth_args.update(config.sa_auth) if 'password_encryption_method' in auth_args: del auth_args['password_encryption_method'] if not skip_authentication: if not 'cookie_secret' in auth_args.keys(): msg = "base_config.sa_auth.cookie_secret is required "\ "you must define it in app_cfg.py or set "\ "sa_auth.cookie_secret in development.ini" raise TGConfigError(msg) if self.auth_backend == "sqlalchemy": from repoze.what.plugins.quickstart import setup_sql_auth app = setup_sql_auth(app, skip_authentication=skip_authentication, **auth_args) elif self.auth_backend == "ming": from tgming import setup_ming_auth app = setup_ming_auth(app, skip_authentication=skip_authentication, **auth_args) return app
def add_auth_middleware(self, app, skip_authentication): """ Configure authentication and authorization. :param app: The TG2 application. :param skip_authentication: Should authentication be skipped if explicitly requested? (used by repoze.who-testutil) :type skip_authentication: bool """ # Configuring auth logging: if 'log_stream' not in self.sa_auth: self.sa_auth['log_stream'] = logging.getLogger('auth') # Removing keywords not used by repoze.who: auth_args = copy(self.sa_auth) if 'sa_auth' in config: auth_args.update(config.sa_auth) if 'password_encryption_method' in auth_args: del auth_args['password_encryption_method'] if not skip_authentication: if not 'cookie_secret' in auth_args.keys(): msg = "base_config.sa_auth.cookie_secret is required "\ "you must define it in app_cfg.py or set "\ "sa_auth.cookie_secret in development.ini" raise TGConfigError(msg) if 'authmetadata' not in auth_args: #authmetadata not provided, fallback to old authentication setup if self.auth_backend == "sqlalchemy": from repoze.what.plugins.quickstart import setup_sql_auth app = setup_sql_auth(app, skip_authentication=skip_authentication, **auth_args) elif self.auth_backend == "ming": from tgming import setup_ming_auth app = setup_ming_auth(app, skip_authentication=skip_authentication, **auth_args) else: try: pos = auth_args['authenticators'].index(('default', None)) except KeyError: pos = None except ValueError: pos = -1 if pos is None or pos >= 0: if self.auth_backend == "sqlalchemy": from tg.configuration.sqla.auth import create_default_authenticator auth_args, sqlauth = create_default_authenticator(**auth_args) authenticator = ('sqlauth', sqlauth) elif self.auth_backend == "ming": from tg.configuration.mongo.auth import create_default_authenticator auth_args, mingauth = create_default_authenticator(**auth_args) authenticator = ('mingauth', mingauth) else: authenticator = None if authenticator: if pos is None: auth_args['authenticators'] = [authenticator] else: auth_args['authenticators'][pos] = authenticator from tg.configuration.auth import setup_auth app = setup_auth(app, skip_authentication=skip_authentication, **auth_args) return app