Merge branch 'master' of github.com:aio-libs/aiohttp_security
This commit is contained in:
commit
a77702c799
|
@ -1,10 +1,13 @@
|
|||
from .abc import AbstractIdentityPolicy, AbstractAuthorizationPolicy
|
||||
from .api import remember, forget, setup, authorized_userid, permits
|
||||
from .cookies_identity import CookiesIdentityPolicy
|
||||
from .session_identity import SessionIdentityPolicy
|
||||
|
||||
|
||||
__version__ = '0.1.0'
|
||||
|
||||
|
||||
__all__ = ('AbstractIdentityPolicy', 'AbstractAuthorizationPolicy',
|
||||
'CookiesIdentityPolicy', 'SessionIdentityPolicy',
|
||||
'remember', 'forget', 'authorized_userid',
|
||||
'permits', 'setup')
|
||||
|
|
|
@ -7,12 +7,12 @@ from . import db
|
|||
|
||||
|
||||
class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
|
||||
def __init__(self, db_pool):
|
||||
self.db_pool = db_pool
|
||||
def __init__(self, dbengine):
|
||||
self.dbengine = dbengine
|
||||
|
||||
@asyncio.coroutine
|
||||
def authorized_user_id(self, identity):
|
||||
with (yield from self.db_pool) as conn:
|
||||
with (yield from self.dbengine) as conn:
|
||||
where = [db.users.c.login == identity,
|
||||
not db.users.c.disabled]
|
||||
query = db.users.count().where(sa.and_(*where))
|
||||
|
@ -24,7 +24,7 @@ class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
|
|||
|
||||
@asyncio.coroutine
|
||||
def permits(self, identity, permission, context=None):
|
||||
with (yield from self.db_pool) as conn:
|
||||
with (yield from self.dbengine) as conn:
|
||||
where = [db.users.c.login == identity,
|
||||
not db.users.c.disabled]
|
||||
record = self.data.get(identity)
|
||||
|
|
|
@ -0,0 +1,46 @@
|
|||
import asyncio
|
||||
|
||||
from aiohttp import web
|
||||
from aiohttp_session import setup as setup_session
|
||||
from aiohttp_session.redis_storage import RedisStorage
|
||||
from aiohttp_security import setup as setup_security
|
||||
from aiohttp_security import SessionIdentityPolicy
|
||||
from aiopg.sa import create_engine
|
||||
from aioredis import create_pool
|
||||
|
||||
|
||||
from demo.db_auth import DBAuthorizationPolicy
|
||||
|
||||
|
||||
@asyncio.coroutine
|
||||
def init(loop):
|
||||
redis_pool = yield from create_pool(('localhost', 6379))
|
||||
dbengine = yield from create_engine(user='aiohttp_security',
|
||||
password='aiohttp_security',
|
||||
database='aiohttp_security',
|
||||
host='127.0.0.1')
|
||||
app = web.Application(loop=loop)
|
||||
setup_session(app, RedisStorage(redis_pool))
|
||||
setup_security(app,
|
||||
SessionIdentityPolicy(),
|
||||
DBAuthorizationPolicy(dbengine))
|
||||
|
||||
app.add_route()
|
||||
|
||||
handler = app.make_handler()
|
||||
srv = yield from loop.create_server(handler, '127.0.0.1', 8080)
|
||||
print("Server started at http://127.0.0.1:8080")
|
||||
return srv, handler
|
||||
|
||||
|
||||
@asyncio.coroutine
|
||||
def finalize(loop, srv, handler):
|
||||
pass
|
||||
|
||||
|
||||
loop = asyncio.get_event_loop()
|
||||
srv, handler = loop.run_until_complete(init(loop))
|
||||
try:
|
||||
loop.run_forever()
|
||||
except KeyboardInterrupt:
|
||||
loop.run_until_complete((finalize(loop)))
|
|
@ -8,17 +8,28 @@
|
|||
.. currentmodule:: aiohttp_security
|
||||
.. highlight:: python
|
||||
|
||||
The library is build on top of two policies: :term:`authentication`
|
||||
and :term:`authorization` and public API.
|
||||
|
||||
API is policy agnostic, all client code should not call policy code
|
||||
directly but use API only.
|
||||
First of all, what is *aiohttp_security* about?
|
||||
|
||||
It is a set of public API functions and standard for implementation details.
|
||||
|
||||
API is implementation agnostic, all client code should not call policy
|
||||
code (see below) directly but use API only.
|
||||
|
||||
Via API application can remember/forget user in local session
|
||||
(:func:`remember`/:func:`forget`), retrieve :term:`userid`
|
||||
(:func:`authorized_userid`) and check :term:`permission` for
|
||||
remembered user (:func:`permits`).
|
||||
|
||||
The library internals are built on top of two policies:
|
||||
:term:`authentication` and :term:`authorization`. There are abstract
|
||||
base classes for both concepts as well as several implementations
|
||||
shipped with the library. End user is free to build own implemetations
|
||||
if needed.
|
||||
|
||||
Public API
|
||||
==========
|
||||
|
||||
|
||||
Authentication
|
||||
==============
|
||||
|
|
Loading…
Reference in New Issue