pyramid_fullauth provides models and actions that let users register and log in, as well as password reset functionality. It does not send the corresponding emails itself; that has to be covered by subscribing to the appropriate events emitted by the plugin.
Note
By default, all actions are unrestricted (their permission is set to pyramid.security.NO_PERMISSION_REQUIRED). That way, setting a default permission in your Pyramid app still allows users to log in and register without already being logged in to the system.
If you have a sqlalchemy.url key in the config file, just add these two lines to your Pyramid application's configuration section:
config.include('pyramid_basemodel')
config.include('pyramid_fullauth')
And that’s it; this is the simplest usage of this plugin. To register, go to the /register URL and you will see the registration form. Logging in is performed on the /login page.
pyramid_fullauth uses pyramid_yml under the hood to include configuration defaults defined in a YAML file; to override them, you have to employ pyramid_yml in your own project.
The plugin emits events while handling requests:
BeforeRegister
AfterRegister
AfterActivate
AfterResetRequest
AfterReset
AlreadyLoggedIn
BeforeLogIn
AfterLogIn
Events can be found in the pyramid_fullauth.events package.
Read the Using Events chapter of Pyramid’s documentation to see how to add an event subscriber to your application and handle those events.
Note
The plugin uses tzf.pyramid_yml for its configuration settings.
By default, the plugin works on these assumptions:
# Copyright (c) 2013 - 2014 by pyramid_fullauth authors and contributors <see AUTHORS file>
#
# This module is part of pyramid_fullauth and is released under
# the MIT License (MIT): http://opensource.org/licenses/MIT

# pyramid_fullauth's default configuration
fullauth:
    check_csrf: True  # Whether login processes should work with csrf token, or without
    register:
        password:
            require: True  # set to false to not read password during register, and generate random one
            length_min: 6  # will be used either to check password's length or generate this length random password
            confirm: True  # by default there will be a field for password confirmation on the registration form
    AuthTkt:
        secret: fullauth_psst  # default secret used to hash auth_tk cookie
        hashalg: sha512  # default authentication policy hash algorithm
    login:
        cookie_max_age: 2592000  # 30 days
    redirects:  # route name, to redirect to. If False, then redirects just to /
        logout: False
    session:  # session factory settings
        # factory key is responsible for providing full path to factory class (module.submodule.SessionFactory)
        factory: pyramid.session.UnencryptedCookieSessionFactoryConfig
        # settings are key: value pairs of all factory initialize attributes
        settings:
            secret: THATS_NOT_SECRET_ITS_A_SECRET
Note
For alternative values of the settings above look at config.{env}.yml configurations found in tests.config directory.
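The two secret values in the defaults above are published in this documentation, so a deployment that leaves them in place signs its auth and session cookies with publicly known keys. The following check is an added example, not part of pyramid_fullauth: audit_fullauth, PUBLISHED_DEFAULTS and MIN_SECRET_LEN are hypothetical names, and it assumes your YAML overrides are already loaded into a nested dict and that any key you do not override keeps the default shown above.

```python
import secrets

# Placeholder secrets published in the default configuration shown above.
PUBLISHED_DEFAULTS = {
    ("AuthTkt", "secret"): "fullauth_psst",
    ("session", "settings", "secret"): "THATS_NOT_SECRET_ITS_A_SECRET",
}
MIN_SECRET_LEN = 32  # assumption: local policy, not a pyramid_fullauth rule


def _get(cfg, path):
    """Walk nested dicts; return None when a key is missing."""
    for key in path:
        if not isinstance(cfg, dict) or key not in cfg:
            return None
        cfg = cfg[key]
    return cfg


def audit_fullauth(settings):
    """Return findings for the 'fullauth' subtree of the application's overrides."""
    cfg = settings.get("fullauth") or {}
    findings = []
    for path, default in PUBLISHED_DEFAULTS.items():
        value, name = _get(cfg, path), "fullauth." + ".".join(path)
        # Assumption: a key that is not overridden falls back to the published default.
        if value is None or value == default:
            findings.append(name + ": published default in effect")
        elif len(str(value)) < MIN_SECRET_LEN:
            findings.append(name + ": shorter than %d characters" % MIN_SECRET_LEN)
    # YAML loaders may hand back a bool or a string such as "false".
    if str(_get(cfg, ("check_csrf",))).lower() in ("false", "no", "off", "0"):
        findings.append("fullauth.check_csrf: CSRF check disabled for fullauth views")
    factory = _get(cfg, ("session", "factory"))
    if factory is None or "Unencrypted" in str(factory):
        findings.append("fullauth.session.factory: cookie session is not encrypted")
    return findings


if __name__ == "__main__":
    # Constructed override: one fresh secret, one secret left out, CSRF switched off.
    sample = {"fullauth": {"check_csrf": False,
                           "AuthTkt": {"secret": secrets.token_urlsafe(48)}}}
    for finding in audit_fullauth(sample):
        print(finding)
```

The session factory finding is informational: the default cookie session is signed with the configured secret but its contents remain readable by the client.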
Request object gets these methods:
CSRF can be turned on/off for fullauth views by modifying fullauth.check_csrf key. It’s turned on by default.
pyramid_fullauth extends Pyramid’s check_csrf predicate so that you can turn it on and off, and so that when the check fails it raises an HTTPUnauthorized exception instead of returning False (which usually results in a 404 Not Found error).