Login

Repoze Blog

2008-06-10 00:00:00-05:00

repoze.who 1.0 Released

Version 1.0 of the repoze.who WSGI authentication framework has been released. You can get it via easy_install -i http://dist.repoze.org/who/latest/simple repoze.who.

Version 1.0 has optional support for middleware configuration via a config file (thanks to Tres). Being a framework, repoze.who is configuration-heavy, and it can provide a better separation of concerns and more convenience to wire it up via a configuration file than via Python code. So rather than configuring the middleware and attendant plugins via straight Python code, you can now wire who configuration up in an .ini file:


    # who.ini



    [plugin:form]

    # identification and challenge

    use = repoze.who.plugins.form:make_plugin

    login_form_qs = __do_login

    rememberer_name = cookie

    form = %(here)s/login_form.html



    [plugin:auth_tkt]

    # identification

    use = repoze.who.plugins.auth_tkt:make_plugin

    secret = s33kr1t

    cookie_name = oatmeal

    secure = False

    include_ip = False



    [plugin:basicauth]

    # identification and challenge

    use = repoze.who.plugins.basicauth:make_plugin

    realm = 'sample'



    [plugin:htpasswd]

    # authentication

    use = repoze.who.plugins.htpasswd:make_plugin

    filename = %(here)s/passwd

    check_fn = repoze.who.plugins.htpasswd:crypt_check



    [plugin:sqlusers]

    # authentication

    use = repoze.who.plugins.sql:make_authenticator_plugin

    query = "SELECT userid, password FROM users where login = %(login)s;"

    conn_factory = repoze.who.plugins.sql:make_psycopg_conn_factory

    compare_fn = repoze.who.plugins.sql:default_password_compare



    [plugin:sqlproperties]

    name = properties

    use = repoze.who.plugins.sql:make_metadata_plugin

    query = "SELECT firstname, lastname FROM users where userid = %(__userid)s;"

    filter = my.package:filter_propmd

    conn_factory = repoze.who.plugins.sql:make_psycopg_conn_factory



    [general]

    request_classifier = repoze.who.classifiers:default_request_classifier

    challenge_decider = repoze.who.classifiers:default_challenge_decider



    [identifiers]

    # plugin_name;classifier_name:.. or just plugin_name (good for any)

    plugins =

          form;browser

          auth_tkt

          basicauth



    [authenticators]

    # plugin_name;classifier_name.. or just plugin_name (good for any)

    plugins =

          htpasswd

          sqlusers



    [challengers]

    # plugin_name;classifier_name:.. or just plugin_name (good for any)

    plugins =

          form;browser

          basicauth



    [mdproviders]

    plugins =

          sqlproperties

Then you can use a constructor to create the configuration based on the .ini file, e.g.:


from repoze.who.config import WhoConfig



app = {next app in pipeline}

here = os.path.dirname(__file__)

config_file = os.path.join(here, 'who.ini')

parser = WhoConfig(here)

parser.parse(open(config_file))

middleware = PluggableAuthenticationMiddleware(app,

             parser.identifiers,

             parser.authenticators,

             parser.challengers,

             parser.mdproviders,

             parser.request_classifier,

             parser_challenge_decider,

             log_stream = sys.stdout,

             log_level = logging.DEBUG,

             )

There is a PasteScript-compatible constructor available via the egg name egg:repoze.who#config that does just this, so you can also just wire it up via a paste config file equivalently, ala:


[filter:who]

use = egg:repoze.who#config

config_file = %(here)s/etc/who.ini

log_level = debug

log_stream = stdout

You can read the documentation for more information about configuration.

- Chris

posted at: 00:00 | permalink