def use_authorization( self, strategy: Optional[AuthorizationStrategy] = None ) -> AuthorizationStrategy: if self.started: raise RuntimeError( "The application is already running, configure authorization " "before starting the application") if not strategy: strategy = AuthorizationStrategy() if strategy.default_policy is None: # by default, a default policy is configured with no requirements, # meaning that request handlers allow anonymous users, unless # specified otherwise # this can be modified, by adding a requirement to the default # policy strategy.default_policy = Policy("default") self._authorization_strategy = strategy self.exceptions_handlers[ AuthenticateChallenge] = handle_authentication_challenge self.exceptions_handlers[UnauthorizedError] = handle_unauthorized return strategy
def use_authorization( self, strategy: Optional[AuthorizationStrategy] = None ) -> AuthorizationStrategy: if self.started: raise RuntimeError( "The application is already running, configure authorization " "before starting the application" ) if not strategy: strategy = AuthorizationStrategy() if strategy.default_policy is None: # by default, a default policy is configured with no requirements, # meaning that request handlers allow anonymous users by default, unless # they are decorated with @auth() strategy.default_policy = Policy("default") strategy.add(Policy("authenticated").add(AuthenticatedRequirement())) self._authorization_strategy = strategy self.exceptions_handlers[ AuthenticateChallenge ] = handle_authentication_challenge self.exceptions_handlers[UnauthorizedError] = handle_unauthorized return strategy
def get_strategy(policies: Sequence[Policy], identity_getter=None): if identity_getter is None: identity_getter = empty_identity_getter return AuthorizationStrategy(*policies, identity_getter=identity_getter)