Another way to ensure that authentification happens every request:
@subscriber(NewRequest)
def refresh_auth_cookie(event):
event.request.unauthenticated_userid
As a side-note, if you happen to be using pyramid_tm, its tween is probably
already doing this for you. Unless disabled by one of the tm.activate_hook,
or tm.annotate_user app settings, it sets the user annotation on the
transaction from unauthenticated_userid on every request.
On Thu, Jul 9, 2015 at 1:16 PM, Torsten Irländer <[email protected]>
wrote:
> I came up with a first version of a tween which seems to do what I want on
> the first tests. Does this look reasonable or is there a better way?
>
> from pyramid.interfaces import IAuthenticationPolicy
>
> def refresh_auth_timeout_factory(handler, registry):
> def refresh_auth_timeout_tween(request):
> """The tween will refresh the the timeout of the
> authentification cookie on every request. On default this
> only happens on requests which needs
> authentification/authorisation. As the authentification should
> be valid as long the user shows some activity by triggering
> requests this tween will refresh the timeout on every request."""
> policy = request.registry.queryUtility(IAuthenticationPolicy)
> policy.cookie.identify(request)
> return handler(request)
> return refresh_auth_timeout_tween
>
> Torsten Irländer <[email protected]> schrieb am Do., 9. Juli 2015 um
> 21:02 Uhr:
>
>> Hi,
>> I am using the AuthTktAuthenticationPolicy for authentification and set a
>> timeout to invalidate the auth_tkt cookie after some time of user
>> inactivity. The cookie's timeout is reissued on every request which
>> requires an authetification. This works good so far.
>>
>> What I want is to reissue the cookie on every request and not only on the
>> ones which requires authentification.
>> So how to explicit trigger the refresh/reissue of the authentification
>> cookie? Can someone give me an example?
>>
>> My preferred approach so far is to implement this in a tween. Is this a
>> reasonable way?
>>
>> Torsten
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "pylons-discuss" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To post to this group, send email to [email protected].
>> Visit this group at http://groups.google.com/group/pylons-discuss.
>> For more options, visit https://groups.google.com/d/optout.
>>
> --
> You received this message because you are subscribed to the Google Groups
> "pylons-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/pylons-discuss.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/d/optout.
