Add couple sentences to the doc

This commit is contained in:
Andrew Svetlov 2015-11-26 14:09:01 +02:00
parent 9f16878a35
commit f4a9232eef
2 changed files with 16 additions and 5 deletions

View File

@ -43,7 +43,7 @@ How to Make a Simple Server With Authorization
def init(loop): def init(loop):
# set up identity and auth # set up identity and auth
auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',), auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',),
'you': ('view_user', 'you': ('view_user',
'edit_user',)}) 'edit_user',)})
identity_policy = CookieIdentityPolicy() identity_policy = CookieIdentityPolicy()
auth = authorization_middleware(auth_policy, identity_policy) auth = authorization_middleware(auth_policy, identity_policy)

View File

@ -8,17 +8,28 @@
.. currentmodule:: aiohttp_security .. currentmodule:: aiohttp_security
.. highlight:: python .. highlight:: python
The library is build on top of two policies: :term:`authentication`
and :term:`authorization` and public API.
API is policy agnostic, all client code should not call policy code First of all, what is *aiohttp_security* about?
directly but use API only.
It is a set of public API functions and standard for implementation details.
API is implementation agnostic, all client code should not call policy
code (see below) directly but use API only.
Via API application can remember/forget user in local session Via API application can remember/forget user in local session
(:func:`remember`/:func:`forget`), retrieve :term:`userid` (:func:`remember`/:func:`forget`), retrieve :term:`userid`
(:func:`authorized_userid`) and check :term:`permission` for (:func:`authorized_userid`) and check :term:`permission` for
remembered user (:func:`permits`). remembered user (:func:`permits`).
The library internals are built on top of two policies:
:term:`authentication` and :term:`authorization`. There are abstract
base classes for both concepts as well as several implementations
shipped with the library. End user is free to build own implemetations
if needed.
Public API
==========
Authentication Authentication
============== ==============