AuthTkt is still supported, there is a authentication module for it in Pyramid that uses authtkt for auth.
Bert On Apr 12, 2014, at 9:01, Mike Orr <[email protected]> wrote: > It has been four years since I've heard anything about AuthKit so I'm > not sure it's still supported. Since you're apparently writing a new > application rather than just keeping an old one running, why are you > using such ancient technologies as AuthKit, middleware, and > (apparently) Pylons? Pyramid has a built-in auth system, more complete > documentation, better support, tweens which are easier to write than > middleware, is forward-compatible with Python 3, and is "Pylons 2". > > > On Thu, Apr 10, 2014 at 7:23 AM, Etienne Robillard <[email protected]> wrote: >> >> Hello, >> >> I'm trying to make cookie authentication working with authkit and WSGI but >> cannot >> find a healthy solution. So far here's the code which i'm trying >> to use for getting a users object into the environ: >> >> #!/usr/bin/env python >> from notmm.controllers.wsgi import WSGIController >> from notmm.controllers.auth import LoginController >> from notmm.utils.http import httpserver >> from notmm.utils.configparse import loadconf >> >> sample_app = WSGIController() >> settings = sample_app.settings >> global_conf = loadconf('auth.conf') >> auth_conf = global_conf['authkit'] >> auth_app = LoginController(sample_app, auth_conf, settings=settings) >> >> if __name__ == '__main__': >> httpserver.daemonize(auth_app, ('localhost', 8000)) >> >> >> And here's the login view to handle authentication: >> >> def authenticate_user(request, username, password, tokens='', >> user_data=time.ctime, >> authfunc='paste.auth_tkt.set_user'): >> """Authenticate the user into the site and update the last_modified >> timestamp if authentication and authorization granted user access.""" >> >> try: >> user_setter_func = request.environ[authfunc] >> if valid_password(request.environ, username, password): >> user_setter_func(username, tokens=tokens, user_data=user_data()) >> #trigger function here to update the last_modified timestamp >> log.debug('User %s has been authenticated and authorized >> access!!' % username) >> raise NotAuthenticatedError >> except (KeyError, Exception): >> raise NotAuthenticatedError >> return None >> >> controller: >> >> >> class AuthCookieController(SessionController): >> """ >> Authentication controller to delegate authorization to generic >> user-defined backends. >> >> """ >> >> request_class = HTTPRequest >> response_class = HTTPResponse >> >> def __init__(self, wsgi_app, auth_conf=None, **kwargs): >> >> super(AuthCookieController, self).__init__(**kwargs) >> >> #put a pointer on the previous wsgi app in the stack >> self.wsgi_app = wsgi_app >> >> self.auth_conf_wrapper = auth_middleware(wsgi_app, >> app_conf=auth_conf, >> cookie_secret='secret string', >> #handle_httpexception=False, >> valid=self.authenticate, >> #enforce=self.auth_conf['enforce'] >> ) >> >> def application(self, environ, start_response, exc_info=None): >> # apply the response middleware wrapper to >> # the WSGI stack and return a callable obj >> return self.auth_conf_wrapper(environ, start_response) >> >> >> def authenticate(self, username, password): >> """ >> Authenticate with the provided ``username`` and ``password``. >> >> Developers are expected to override this method in custom >> authentication subclasses. >> """ >> >> if username == password: >> return username >> else: >> return None >> >> LoginController = AuthCookieController >> >> the traceback: >> >>> >>> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user() >> -> if valid_password(request.environ, username, password): >> (Pdb) bt >> /home/steiner/src/notmm/trunk/examples/auth/redirect.py(15)<module>() >> -> httpserver.daemonize(auth_app, ('localhost', 8000)) >> >> /home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(157)daemonize() >> -> server.serve() >> >> /home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(115)serve() >> -> self.server.serve_forever() >> /usr/local/lib/python2.7/SocketServer.py(238)serve_forever() >> -> self._handle_request_noblock() >> /usr/local/lib/python2.7/SocketServer.py(295)_handle_request_noblock() >> -> self.process_request(request, client_address) >> /usr/local/lib/python2.7/SocketServer.py(321)process_request() >> -> self.finish_request(request, client_address) >> /usr/local/lib/python2.7/SocketServer.py(334)finish_request() >> -> self.RequestHandlerClass(request, client_address, self) >> /usr/local/lib/python2.7/SocketServer.py(649)__init__() >> -> self.handle() >> /usr/local/lib/python2.7/wsgiref/simple_server.py(124)handle() >> -> handler.run(self.server.get_app()) >> /usr/local/lib/python2.7/wsgiref/handlers.py(85)run() >> -> self.result = application(self.environ, self.start_response) >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(314)__call__() >> -> return self.app(environ, start_response) >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/cookie.py(480)__call__() >> -> return self.app(environ, cookie_setting_start_response) >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(87)__call__() >> -> app_iter = app(environ, start_response) >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(55)app() >> -> return self.default(environ, find) >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(304)__call__() >> -> return self.app(environ, start_response) >> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(96)login() >> -> authenticate_user(request, username, password) >>> >>> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user() >> -> if valid_password(request.environ, username, password): >> >> /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(97)valid_password() >> -> raise no_authkit_users_in_environ >> >> And heres the config i use: >> [authkit] >> >> authkit.setup.enable = true >> authkit.setup.method = redirect,cookie >> authkit.setup.handle_exceptions = false >> >> #authkit.authenticate.callback = authkit.authenticate.cookie2:middleware >> #authkit.digest.authenticate.user.data = visitor:open_sesame >> #authkit.digest.realm = 'Test realm' >> >> # authentication options >> authkit.redirect.url = /session_login/ >> #authkit.user.type = mainapp.accounts.model:UserManager >> >> >> as you can see authkit middleware doesnt set up a proper users >> object, which make authentication fail. Is there thus an alternative method >> to set up the middleware to handle form authentication in authkit? >> >> Regards, >> >> Etienne >> >> -- >> You received this message because you are subscribed to the Google Groups >> "pylons-discuss" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at http://groups.google.com/group/pylons-discuss. >> For more options, visit https://groups.google.com/d/optout. > > > > -- > Mike Orr <[email protected]> > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/pylons-discuss. > For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME cryptographic signature
