FWIW, I have a simple example of authentication/authorization including user management with the ZODB. No groups, but at least users can sign up and only authenticated users can view the site. The application is under development, but that part works.
https://github.com/cguardia/ZODB-Documentation/tree/master/code/conflict/birdie Carlos de la Guardia On Mon, Jul 11, 2011 at 2:09 PM, gostones <gosto...@gmail.com> wrote: > Hi everyone, > > I am new to python and web development and is trying to learn through > building an application through pyramid. > I am currently trying to work on a basic to-do list application with > user accounts, authentication and authorization using url dispatch and > sqlalchemy > > I have read the documentation and is struggling a bit to do this. In > the url_dispatch tutorial, it says that I need to use > AuthTktAuthenticationPolicy. Does this mean I have to use apache with > mod_auth_tkt to deploy my application? I am not sure I want to run > apache for the small application I am trying to build. > > If I need to create my own authentication policy because I don't want > to use apache, can anyone give me pointers as to what I have to look > out for (what not to do) and any resources I can read so that I can > implement what I need and not create any security holes? I've found a > lot of "I've rolled my own because it is simple" in previous posts but > I couldn't find any of the "simple" authentication policy code > examples for pyramid. > > For the authorization, can anyone give me some basic pointers or point > me to a resource on what sqlalchemy models I need to support a simple > user group permission authorization scheme? > > I have some basic idea but I am still a little confused. > > User table/model > Group model (to hold the available groups) > UserGroup model (to associate a user and groups) > Permission model (to hold available permissions) > (do I need both a PermissionGroup and a PermissionUser table?) > > Sorry in advance if these questions may seem a bit stupid or if I am > not understanding some of the concepts properly. I am new to all of > this and I am struggling a little while trying to take in everything. > > Thank you so much for your help! > > > Go > > > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To post to this group, send email to pylons-discuss@googlegroups.com. > To unsubscribe from this group, send email to > pylons-discuss+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/pylons-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to pylons-discuss@googlegroups.com. To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
