def setup(app): log.debug("Setting up %s ...", __name__) # Once user is identified, an identity string is created for that user identity_policy = SessionIdentityPolicy() # TODO: create basic/bearer authentication policy based on tokens instead of cookies!! authorization_policy = DBAuthorizationPolicy(app) aiohttp_security.setup(app, identity_policy, authorization_policy)
def setup_security(app: web.Application): # Once user is identified, an identity string is created for that user identity_policy = SessionIdentityPolicy() # TODO: limitations is that it cannot contain checks need to be added here access_model = RoleBasedAccessModel.from_rawdata(ROLES_PERMISSIONS) # TODO: create basic/bearer authentication policy based on tokens instead of cookies!! # when you do that, also update the openapi to reflect that authorization_policy = AuthorizationPolicy(app, access_model) aiohttp_security.setup(app, identity_policy, authorization_policy)
def maker(*args, **kwargs): app, client = yield from create_app_and_client(*args, **kwargs) setup_session(app, SimpleCookieStorage()) setup_security(app, SessionIdentityPolicy(), Autz()) return app, client
def make_app(loop): app = web.Application(loop=loop) setup_session(app, SimpleCookieStorage()) setup_security(app, SessionIdentityPolicy(), Autz()) return app