Source

whatpylonsproject / pylonssecuredapp / lib / auth.py

Full commit
from pylons import response
from pylons.controllers.util import abort

from repoze.what.plugins.quickstart import setup_sql_auth
from repoze.what.plugins.pylonshq import ActionProtector, \
                                         ControllerProtector

from pylonssecuredapp.model.auth import User, Group, Permission
from pylonssecuredapp.model import meta
from pylonssecuredapp.lib.helpers import flash


def add_auth(app, skip_authentication):
    """
    Add auth middleware to the ``app`` application.
    
    :param app: The WSGI application.
    :param skip_authentication: Should authentication be skipped while testing
        protected areas? (officially recommended)
    
    """
    
    securedapp = setup_sql_auth(app, User, Group, Permission, meta.Session,
                                logout_handler='/logout',
                                post_login_url='/post_login',
                                post_logout_url='/post_logout',
                                log_level="info", 
                                skip_authentication=skip_authentication)
    
    return securedapp


class protect_action(ActionProtector):
    # Our denial handler should flash the denial reason:
    default_denial_handler = staticmethod(flash)


class protect_controller(ControllerProtector):
    protector = protect_action