0
필자는 AuthTktAuthenticationPolicy를 사용하여 Pyramid에서 간단한 인증을 구현하려고합니다. 나는 this - authentication과 this - authorization을 따른다.Pyramid AuthTktAuthenticationPolicy 콜백이 호출되지 않았습니다.
초기화 평
from pyramid.config import Configurator
from pyramid.authentication import AuthTktAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy
from .security import groupfinder, Root
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
#config = Configurator(settings=settings)
# ACL
config = Configurator(settings=settings, root_factory=Root)
authn_policy = AuthTktAuthenticationPolicy('sosecret', callback=groupfinder, hashalg='sha512')
authz_policy = ACLAuthorizationPolicy()
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(authz_policy)
config.include('pyramid_jinja2')
config.include('.models')
config.include('.routes')
config.scan()
return config.make_wsgi_app()
security.py
GROUPS = {'admin': ['group:admin']}
USERS = {'receptionist' : 'receptionist'}
def groupfinder(userid, request):
print("It's here")
return ['group:admin']
from pyramid.security import Allow, Everyone
class Root(object):
def __acl__(self):
return [(Allow, Everyone, 'view'), (Allow, 'group:admin', 'edit')]
def __init__(self, request):
pass
내보기 default.py의 repo에서
...
@view_config(route_name='login', renderer='../templates/login.jinja2')
def login(request):
try:
if not ('user_name' in request.params and 'password' in request.params):
return {}
if request.params['user_name'] == '' or request.params['password'] == '':
raise Exception('Ada inputan yang kosong dari form')
match_ = request.dbsession.query(TblUser).filter_by(user_name=request.params['user_name'], user_password=request.params['password']).one()
username = request.params['user_name']
if match_ is not None:
headers = remember(request, username)
request.response.headerlist.extend(headers)
next_url = request.route_url('search-room')
return HTTPFound(location=next_url)
except Exception as e:
log.exception(str(e))
return {'code' : 'error', 'message' : str(e) }
...
@view_config(route_name='search-room', renderer='../templates/search-room.jinja2', permission='edit')
def search_room(request):
try:
if not ('floor' in request.params):
return {}
if request.params['floor'] == '':
raise Exception('Ada inputan yang kosong dari form')
query = request.dbsession.query(TblReservation)
result = query.join(TblRoom, aliased=True).filter_by(room_floor=request.params['floor']).all()
if result is None or len(result) < 1:
raise Exception("No row found")
return {'code' : 'ok', 'message' : '', 'content' : result }
except Exception as e:
log.exception(str(e))
return {'code' : 'error', 'message' : str(e), 'content' : ''}
전체 코드 https://github.com/muhakbaryasin/pyramid-simple-acl
최소한 "admin"으로 인증되고 권한을 부여 받아야 사용자가 '편집'역할을 할 수 있고 'search-room'페이지에 액세스 할 수 있습니다. 내가 지금 가지고 무엇
은 로그인 프로세스가 수행하지만 늘 '검색 방'과가 호출되지 않습니다되어 groupfinder에 액세스 할 수있는 권한을 부여합니다.
무엇이 놓치나요? :(
을. 내가이 문제를 해결했습니다 – campnew
그것을 밖으로 시도 할 것이다. 그것은 쿠키가 보존되지 않았습니다 포함 헤더 beause입니다. 내가 그리워 HTTPFound (위치 = next_url) -> HTTPFound (위치 = next_url, 헤더 = 헤더) – campnew