def setup_auth(app, config):
groupadapter = InstanceGroupSourceAdapter()
#groupadapter.translations.update({'sections': 'groups'})
permissionadapter = SqlPermissionsAdapter(model.Permission,
model.Group,
model.meta.Session)
#permissionadapter.translations.update(permission_translations)
group_adapters = {'sql_auth': groupadapter}
permission_adapters = {'sql_auth': permissionadapter}
basicauth = BasicAuthPlugin('Adhocracy HTTP Authentication')
auth_tkt = InstanceAuthTktCookiePlugin(
config,
config.get('adhocracy.auth.secret', config['beaker.session.secret']),
cookie_name='adhocracy_login', timeout=86400 * 2,
reissue_time=3600,
secure=config.get('adhocracy.protocol', 'http') == 'https'
)
form = FriendlyFormPlugin(
'/login',
'/perform_login',
'/post_login',
'/logout',
'/post_logout',
login_counter_name='_login_tries',
rememberer_name='auth_tkt',
charset='utf-8'
)
sqlauth = EmailSQLAlchemyAuthenticatorPlugin(model.User, model.meta.Session)
sql_user_md = SQLAlchemyUserMDPlugin(model.User, model.meta.Session)
identifiers = [('form', form),
('basicauth', basicauth),
('auth_tkt', auth_tkt)]
authenticators = [('sqlauth', sqlauth), ('auth_tkt', auth_tkt)]
challengers = [('form', form), ('basicauth', basicauth)]
mdproviders = [('sql_user_md', sql_user_md)]
welcome.setup_auth(config, identifiers, authenticators)
log_stream = None
#log_stream = sys.stdout
return setup_what(app, group_adapters, permission_adapters,
identifiers=identifiers,
authenticators=authenticators,
challengers=challengers,
mdproviders=mdproviders,
log_stream=log_stream,
log_level=logging.DEBUG,
# kwargs passed to repoze.who.plugins.testutils:
skip_authentication=config.get('skip_authentication'),
remote_user_key='HTTP_REMOTE_USER')
def setup_auth(app, config):
groupadapter = InstanceGroupSourceAdapter()
#groupadapter.translations.update({'sections': 'groups'})
permissionadapter = SqlPermissionsAdapter(model.Permission,
model.Group,
model.meta.Session)
#permissionadapter.translations.update(permission_translations)
group_adapters = {'sql_auth': groupadapter}
permission_adapters = {'sql_auth': permissionadapter}
basicauth = BasicAuthPlugin('Adhocracy HTTP Authentication')
auth_tkt = InstanceAuthTktCookiePlugin(
'41d207498d3812741e27c6441760ae494a4f9fbf',
cookie_name='adhocracy_login', timeout=86400 * 2,
reissue_time=3600)
form = FriendlyFormPlugin(
'/login',
'/perform_login',
'/post_login',
'/logout',
'/post_logout',
login_counter_name='_login_tries',
rememberer_name='auth_tkt')
sqlauth = SQLAlchemyAuthenticatorPlugin(model.User, model.meta.Session)
sql_user_md = SQLAlchemyUserMDPlugin(model.User, model.meta.Session)
identifiers = [('form', form),
('basicauth', basicauth),
('auth_tkt', auth_tkt)]
authenticators = [('sqlauth', sqlauth), ('auth_tkt', auth_tkt)]
challengers = [('form', form), ('basicauth', basicauth)]
mdproviders = [('sql_user_md', sql_user_md)]
log_stream = None
#log_stream = sys.stdout
return setup_what(app, group_adapters, permission_adapters,
identifiers=identifiers,
authenticators=authenticators,
challengers=challengers,
mdproviders=mdproviders,
log_stream=log_stream,
log_level=logging.DEBUG,
# kwargs passed to repoze.who.plugins.testutils:
skip_authentication=config.get('skip_authentication'),
remote_user_key='HTTP_REMOTE_USER')
def setup_auth(app, config):
groupadapter = InstanceGroupSourceAdapter()
#groupadapter.translations.update({'sections': 'groups'})
permissionadapter = SqlPermissionsAdapter(model.Permission,
model.Group,
model.meta.Session)
#permissionadapter.translations.update(permission_translations)
group_adapters = {'sql_auth': groupadapter}
permission_adapters = {'sql_auth': permissionadapter}
basicauth = BasicAuthPlugin('Adhocracy HTTP Authentication')
auth_tkt = InstanceAuthTktCookiePlugin(
'41d207498d3812741e27c6441760ae494a4f9fbf',
cookie_name='adhocracy_login', timeout=86400 * 2,
reissue_time=3600)
form = FriendlyFormPlugin(
'/login',
'/perform_login',
'/post_login',
'/logout',
'/post_logout',
login_counter_name='_login_tries',
rememberer_name='auth_tkt')
sqlauth = SQLAlchemyAuthenticatorPlugin(model.User, model.meta.Session)
sql_user_md = SQLAlchemyUserMDPlugin(model.User, model.meta.Session)
identifiers = [('form', form),
('basicauth', basicauth),
('auth_tkt', auth_tkt)]
authenticators = [('sqlauth', sqlauth), ('auth_tkt', auth_tkt)]
challengers = [('form', form), ('basicauth', basicauth)]
mdproviders = [('sql_user_md', sql_user_md)]
log_stream = None
#log_stream = sys.stdout
return setup_what(app, group_adapters, permission_adapters,
identifiers=identifiers,
authenticators=authenticators,
challengers=challengers,
mdproviders=mdproviders,
log_stream=log_stream,
log_level=logging.DEBUG,
skip_authentication=config.get('skip_authentication'))
def setup_auth(app, config):
groupadapter = InstanceGroupSourceAdapter()
#groupadapter.translations.update({'sections': 'groups'})
permissionadapter = SqlPermissionsAdapter(model.Permission, model.Group,
model.meta.Session)
#permissionadapter.translations.update(permission_translations)
group_adapters = {'sql_auth': groupadapter}
permission_adapters = {'sql_auth': permissionadapter}
basicauth = BasicAuthPlugin('Adhocracy HTTP Authentication')
auth_tkt = InstanceAuthTktCookiePlugin(
config,
config.get('adhocracy.auth.secret', config['beaker.session.secret']),
cookie_name='adhocracy_login',
timeout=86400 * 2,
reissue_time=3600,
secure=config.get('adhocracy.protocol', 'http') == 'https')
sqlauth = EmailSQLAlchemyAuthenticatorPlugin(model.User,
model.meta.Session)
sql_user_md = SQLAlchemyUserMDPlugin(model.User, model.meta.Session)
login_urls = [
'/login',
'/perform_login',
'/post_login',
'/logout',
'/post_logout',
]
login_options = dict(
login_counter_name='_login_tries',
rememberer_name='auth_tkt',
charset='utf-8',
)
if config.get('adhocracy.login_style') == 'alternate':
form = AlternateLoginFriendlyFormPlugin(sqlauth.get_user, *login_urls,
**login_options)
else:
form = FriendlyFormPlugin(*login_urls, **login_options)
identifiers = [('form', form), ('basicauth', basicauth),
('auth_tkt', auth_tkt)]
authenticators = [('sqlauth', sqlauth), ('auth_tkt', auth_tkt)]
challengers = [('form', form), ('basicauth', basicauth)]
mdproviders = [('sql_user_md', sql_user_md)]
welcome.setup_auth(config, identifiers, authenticators)
log_stream = None
#log_stream = sys.stdout
# If a webserver already sets a HTTP_REMOTE_USER environment variable,
# repoze.who merely acts as a pass through and doesn't set up the proper
# environment (e.g. environ['repoze.who.api'] is missing).
#
# This happens for example in the case of Shibboleth based authentication -
# we weren't able to prevent mod_shibboleth from setting the header.
# Therefore the remote user key to look for is not set to HTTP_REMOTE_USER,
# but to the non-existing DONT_USE_HTTP_REMOTE_USER environment variable.
REMOTE_USER_KEY = 'DONT_USE_HTTP_REMOTE_USER'
return setup_what(
app,
group_adapters,
permission_adapters,
identifiers=identifiers,
authenticators=authenticators,
challengers=challengers,
mdproviders=mdproviders,
log_stream=log_stream,
log_level=logging.DEBUG,
# kwargs passed to repoze.who.plugins.testutils:
skip_authentication=config.get('skip_authentication'),
remote_user_key=REMOTE_USER_KEY)
def setup_auth(app, config):
groupadapter = InstanceGroupSourceAdapter()
#groupadapter.translations.update({'sections': 'groups'})
permissionadapter = SqlPermissionsAdapter(model.Permission,
model.Group,
model.meta.Session)
#permissionadapter.translations.update(permission_translations)
group_adapters = {'sql_auth': groupadapter}
permission_adapters = {'sql_auth': permissionadapter}
basicauth = BasicAuthPlugin('Adhocracy HTTP Authentication')
auth_tkt = InstanceAuthTktCookiePlugin(
config,
config.get('adhocracy.auth.secret', config['beaker.session.secret']),
cookie_name='adhocracy_login', timeout=86400 * 2,
reissue_time=3600,
secure=config.get('adhocracy.protocol', 'http') == 'https'
)
sqlauth = EmailSQLAlchemyAuthenticatorPlugin(model.User,
model.meta.Session)
sql_user_md = SQLAlchemyUserMDPlugin(model.User, model.meta.Session)
login_urls = [
'/login',
'/perform_login',
'/post_login',
'/logout',
'/post_logout',
]
login_options = dict(
login_counter_name='_login_tries',
rememberer_name='auth_tkt',
charset='utf-8',
)
if config.get('adhocracy.login_style') == 'alternate':
form = AlternateLoginFriendlyFormPlugin(sqlauth.get_user,
*login_urls, **login_options)
else:
form = FriendlyFormPlugin(*login_urls, **login_options)
identifiers = [('form', form),
('basicauth', basicauth),
('auth_tkt', auth_tkt)]
authenticators = [('sqlauth', sqlauth), ('auth_tkt', auth_tkt)]
challengers = [('form', form), ('basicauth', basicauth)]
mdproviders = [('sql_user_md', sql_user_md)]
welcome.setup_auth(config, identifiers, authenticators)
log_stream = None
#log_stream = sys.stdout
# If a webserver already sets a HTTP_REMOTE_USER environment variable,
# repoze.who merely acts as a pass through and doesn't set up the proper
# environment (e.g. environ['repoze.who.api'] is missing).
#
# This happens for example in the case of Shibboleth based authentication -
# we weren't able to prevent mod_shibboleth from setting the header.
# Therefore the remote user key to look for is not set to HTTP_REMOTE_USER,
# but to the non-existing DONT_USE_HTTP_REMOTE_USER environment variable.
REMOTE_USER_KEY = 'DONT_USE_HTTP_REMOTE_USER'
return setup_what(app, group_adapters, permission_adapters,
identifiers=identifiers,
authenticators=authenticators,
challengers=challengers,
mdproviders=mdproviders,
log_stream=log_stream,
log_level=logging.DEBUG,
# kwargs passed to repoze.who.plugins.testutils:
skip_authentication=config.get('skip_authentication'),
remote_user_key=REMOTE_USER_KEY)
