pyramid_duh.auth module¶
Utilities for auth
-
class
pyramid_duh.auth.
MixedAuthenticationPolicy
(*policies)[source]¶ Bases:
object
Auth policy that is backed by multiple other auth policies
Checks authentication against each contained policy in order. The first one to return a non-None userid is used. Principals are merged.
-
authenticated_userid
(request)[source]¶ Return the authenticated userid or
None
if no authenticated userid can be found. This method of the policy should ensure that a record exists in whatever persistent store is used related to the user (the user should not have been deleted); if a record associated with the current id does not exist in a persistent store, it should returnNone
.
-
effective_principals
(request)[source]¶ Return a sequence representing the effective principals including the userid and any groups belonged to by the current user, including ‘system’ groups such as
pyramid.security.Everyone
andpyramid.security.Authenticated
.
-
forget
(request)[source]¶ Return a set of headers suitable for ‘forgetting’ the current user on subsequent requests.
-
remember
(request, principal, **kw)[source]¶ Return a set of headers suitable for ‘remembering’ the principal named
principal
when set in a response. An individual authentication policy and its consumers can decide on the composition and meaning of **kw.
-
unauthenticated_userid
(request)[source]¶ Return the unauthenticated userid. This method performs the same duty as
authenticated_userid
but is permitted to return the userid based only on data present in the request; it needn’t (and shouldn’t) check any persistent store to ensure that the user record related to the request userid exists.
-