/shabti/templates/auth_repozewho/+package+/lib/auth/__init__.py_tmpl

 1from repoze.what.plugins.quickstart import setup_sql_auth
 2from repoze.who.plugins.friendlyform import FriendlyFormPlugin
 3from {{package}}.model import User, Group, Permission, Session
 4from pylons import request
 5
 6import logging
 7log = logging.getLogger(__name__)
 8
 9# Bind values to the variables that will be provided to
10# :func:`setup_sql_auth`. This is a good example of the
11# difference between the ``.ini`` config file approach
12# and this one, i.e. of effecting the configuration within
13# the friendly confines of an executable Python source file.
14# Otherwise, the model entity classes would have to be
15# expressed as strings, to be later turned into real
16# references to the object's class.
17# The "translations" dictionary maps the repoze identity
18# model User Group, Permission and password validation
19# function to the field names and function that are actually
20# used in the standard Shabti elixir identity model.
21
22user_name = 'username'
23user_class = User
24group_class = Group
25permission_class = Permission
26dbsession = Session
27translations={'user_name': 'username',
28            'users': 'users',
29            'group_name': 'name',
30            'groups': 'groups',
31            'permission_name': 'name',
32            'permissions': 'permissions',
33            'validate_password': 'validate_password' }
34
35loginform = FriendlyFormPlugin(
36    '/login/index',                           # arg - login_form_url
37    login_handler_path = '/login_handler',    # arg - login_handler_path
38    logout_handler_path = '/logout_handler',  # arg - logout_handler_path
39    rememberer_name = 'cookie',               # arg - rememberer_name
40    post_login_url = '/login/welcome_back',   # The URL/path to the post-login
41                                              # page, if any.
42    post_logout_url = '/login/see_you_later', # The URL/path to the post-logout
43                                              # page, if any.
44    )
45
46# Bind values to the variables that will be provided to
47# :class:`FriendlyRedirectingFormPlugin` and create an
48# instance of same.
49# ATM, an actual (configured) instance is required, ya
50# can't just supply the class name.
51
52
53def add_auth(app, skip_authentication):
54    """Add authentication and authorization middleware to the ``app``."""
55    return setup_sql_auth(app,
56            user_class,
57            group_class,
58            permission_class,
59            dbsession,
60            form_plugin=loginform,
61            form_identifies=True,
62            cookie_secret='secretsquirrel',
63            cookie_name='authtkt',
64            login_url='/login/index',
65            post_login_url='/login/welcome_back',
66            post_logout_url='/login/see_you_later',
67            login_counter_name='__tries',
68            translations=translations,
69            skip_authentication=skip_authentication)
70
71def get_user():
72    """Return the current user's database object."""
73    if 'repoze.who.identity' in request.environ:
74        return request.environ.get('repoze.who.identity')['user']
75    else:
76        return None
77