Merge branch 'master' of github.com:aio-libs/aiohttp_security

2015-11-26 20:11:49 +02:00 · 2015-11-26 20:11:49 +02:00 · a77702c799
parent fd58337780 77ed3154e3
commit a77702c799
5 changed files with 69 additions and 9 deletions
--- a/aiohttp_security/init.py
+++ b/aiohttp_security/init.py
@ -1,10 +1,13 @@
 from .abc import AbstractIdentityPolicy, AbstractAuthorizationPolicy
 from .api import remember, forget, setup, authorized_userid, permits
+from .cookies_identity import CookiesIdentityPolicy
+from .session_identity import SessionIdentityPolicy


 __version__ = '0.1.0'


 __all__ = ('AbstractIdentityPolicy', 'AbstractAuthorizationPolicy',
+           'CookiesIdentityPolicy', 'SessionIdentityPolicy',
           'remember', 'forget', 'authorized_userid',
           'permits', 'setup')
--- a/demo/db_auth.py
+++ b/demo/db_auth.py
@ -7,12 +7,12 @@ from . import db


 class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
-    def __init__(self, db_pool):
-        self.db_pool = db_pool
+    def __init__(self, dbengine):
+        self.dbengine = dbengine

    @asyncio.coroutine
    def authorized_user_id(self, identity):
-        with (yield from self.db_pool) as conn:
+        with (yield from self.dbengine) as conn:
            where = [db.users.c.login == identity,
                     not db.users.c.disabled]
            query = db.users.count().where(sa.and_(*where))
@ -24,7 +24,7 @@ class DBAuthorizationPolicy(AbstractAuthorizationPolicy):

    @asyncio.coroutine
    def permits(self, identity, permission, context=None):
-        with (yield from self.db_pool) as conn:
+        with (yield from self.dbengine) as conn:
            where = [db.users.c.login == identity,
                     not db.users.c.disabled]
        record = self.data.get(identity)
--- a/demo/main.py
+++ b/demo/main.py
@ -0,0 +1,46 @@
+import asyncio
+
+from aiohttp import web
+from aiohttp_session import setup as setup_session
+from aiohttp_session.redis_storage import RedisStorage
+from aiohttp_security import setup as setup_security
+from aiohttp_security import SessionIdentityPolicy
+from aiopg.sa import create_engine
+from aioredis import create_pool
+
+
+from demo.db_auth import DBAuthorizationPolicy
+
+
+@asyncio.coroutine
+def init(loop):
+    redis_pool = yield from create_pool(('localhost', 6379))
+    dbengine = yield from create_engine(user='aiohttp_security',
+                                        password='aiohttp_security',
+                                        database='aiohttp_security',
+                                        host='127.0.0.1')
+    app = web.Application(loop=loop)
+    setup_session(app, RedisStorage(redis_pool))
+    setup_security(app,
+                   SessionIdentityPolicy(),
+                   DBAuthorizationPolicy(dbengine))
+
+    app.add_route()
+
+    handler = app.make_handler()
+    srv = yield from loop.create_server(handler, '127.0.0.1', 8080)
+    print("Server started at http://127.0.0.1:8080")
+    return srv, handler
+
+
+@asyncio.coroutine
+def finalize(loop, srv, handler):
+    pass
+
+
+loop = asyncio.get_event_loop()
+srv, handler = loop.run_until_complete(init(loop))
+try:
+    loop.run_forever()
+except KeyboardInterrupt:
+    loop.run_until_complete((finalize(loop)))
--- a/docs/example.rst
+++ b/docs/example.rst
@ -43,7 +43,7 @@ How to Make a Simple Server With Authorization
    def init(loop):
        # set up identity and auth
        auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',),
-                                                     'you': ('view_user', 
+                                                     'you': ('view_user',
                                                             'edit_user',)})
        identity_policy = CookieIdentityPolicy()
        auth = authorization_middleware(auth_policy, identity_policy)
--- a/docs/usage.rst
+++ b/docs/usage.rst
@ -8,17 +8,28 @@
 .. currentmodule:: aiohttp_security
 .. highlight:: python

-The library is build on top of two policies: :term:`authentication`
-and :term:`authorization` and public API.

-API is policy agnostic, all client code should not call policy code
-directly but use API only.
+First of all, what is *aiohttp_security* about?
+
+It is a set of public API functions and standard for implementation details.
+
+API is implementation agnostic, all client code should not call policy
+code (see below) directly but use API only.

 Via API application can remember/forget user in local session
 (:func:`remember`/:func:`forget`), retrieve :term:`userid`
 (:func:`authorized_userid`) and check :term:`permission` for
 remembered user (:func:`permits`).

+The library internals are built on top of two policies:
+:term:`authentication` and :term:`authorization`. There are abstract
+base classes for both concepts as well as several implementations
+shipped with the library. End user is free to build own implemetations
+if needed.
+
+Public API
+==========
+

 Authentication
 ==============