From f4a9232eef3497b31117efffe83ff27b8a417401 Mon Sep 17 00:00:00 2001
From: Andrew Svetlov <andrew.svetlov@gmail.com>
Date: Thu, 26 Nov 2015 14:09:01 +0200
Subject: [PATCH] Add couple sentences to the doc
---
docs/example.rst | 2 +-
docs/usage.rst | 19 +++++++++++++++----
2 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/docs/example.rst b/docs/example.rst
index eb88231..9a29c8d 100644
--- a/docs/example.rst
+++ b/docs/example.rst
@@ -43,7 +43,7 @@ How to Make a Simple Server With Authorization
def init(loop):
# set up identity and auth
auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',),
- 'you': ('view_user',
+ 'you': ('view_user',
'edit_user',)})
identity_policy = CookieIdentityPolicy()
auth = authorization_middleware(auth_policy, identity_policy)
diff --git a/docs/usage.rst b/docs/usage.rst
index 62d9ccf..471e879 100644
--- a/docs/usage.rst
+++ b/docs/usage.rst
@@ -8,17 +8,28 @@
.. currentmodule:: aiohttp_security
.. highlight:: python
-The library is build on top of two policies: :term:`authentication`
-and :term:`authorization` and public API.
-API is policy agnostic, all client code should not call policy code
-directly but use API only.
+First of all, what is *aiohttp_security* about?
+
+It is a set of public API functions and standard for implementation details.
+
+API is implementation agnostic, all client code should not call policy
+code (see below) directly but use API only.
Via API application can remember/forget user in local session
(:func:`remember`/:func:`forget`), retrieve :term:`userid`
(:func:`authorized_userid`) and check :term:`permission` for
remembered user (:func:`permits`).
+The library internals are built on top of two policies:
+:term:`authentication` and :term:`authorization`. There are abstract
+base classes for both concepts as well as several implementations
+shipped with the library. End user is free to build own implemetations
+if needed.
+
+Public API
+==========
+
Authentication
==============