pyramid_duh.auth module¶
Utilities for auth
- class pyramid_duh.auth.MixedAuthenticationPolicy(*policies)[source]¶
Bases: object
Auth policy that is backed by multiple other auth policies
Checks authentication against each contained policy in order. The first one to return a non-None userid is used. Principals are merged.
- authenticated_userid(request)[source]¶
Return the authenticated userid or None if no authenticated userid can be found. This method of the policy should ensure that a record exists in whatever persistent store is used related to the user (the user should not have been deleted); if a record associated with the current id does not exist in a persistent store, it should return None.
- effective_principals(request)[source]¶
Return a sequence representing the effective principals including the userid and any groups belonged to by the current user, including ‘system’ groups such as pyramid.security.Everyone and pyramid.security.Authenticated.
- forget(request)[source]¶
Return a set of headers suitable for ‘forgetting’ the current user on subsequent requests.
- remember(request, principal, **kw)[source]¶
Return a set of headers suitable for ‘remembering’ the principal named principal when set in a response. An individual authentication policy and its consumers can decide on the composition and meaning of **kw.
- unauthenticated_userid(request)[source]¶
Return the unauthenticated userid. This method performs the same duty as authenticated_userid but is permitted to return the userid based only on data present in the request; it needn’t (and shouldn’t) check any persistent store to ensure that the user record related to the request userid exists.