Databases
StackOverflow2013
Postsdbo
PO(Session) authentication in a pyramids web application
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO(Session) authentication in a pyramids web application
    text
    copied!<p>I am working on a python web application based on the pyramid framework. I am trying to add session authentication to it. By that I understand that:</p> <ul> <li>users can log in/out (security is desirable); user data are kept in a database</li> <li>authentication is handled via the session (<code>request.session</code>)</li> </ul> <p>First off: Is session authentication a good option or are there better ones? Secondly: I can't really make heads or tails of the documentation and examples.</p> <p>So far, I've followed <a href="http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/tutorials/wiki2/authorization.html#adding-login-and-logout-views" rel="nofollow">http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/tutorials/wiki2/authorization.html#adding-login-and-logout-views</a> so far that I have a login/logout form. However, my <code>authn_policy</code> is a <a href="http://docs.pylonsproject.org/projects/pyramid/en/latest/api/authentication.html#pyramid.authentication.SessionAuthenticationPolicy" rel="nofollow">http://docs.pylonsproject.org/projects/pyramid/en/latest/api/authentication.html#pyramid.authentication.SessionAuthenticationPolicy</a></p> <p>As the session factory in pyramid is insecure (see <a href="http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/narr/sessions.html" rel="nofollow">http://docs.pylonsproject.org/projects/pyramid/en/1.3-branch/narr/sessions.html</a>), I use *pyramid_beaker* instead.</p> <p>The configuration is: in <code>__init__.py</code>: <code>session_factory = session_factory_from_settings(settings)</code></p> <p>in the .ini file:</p> <pre><code>beaker.session.lock_dir = %(here)s/data/sessions/lock beaker.session.type = ext:database beaker.session.sa.url = mysql://user:pass@localhost:3306/db beaker.session.table_name = user_session </code></pre> <p>I hope I was able to make my problem clear.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload