> With respect to 2.0, sorry everyone but I've been dragging my feet on an
> issue in the new security api so it isn't out yet!
Hey Michael, anything I can do to help out with the security API?
—Theron
> On Aug 31, 2020, at 10:23 AM, Michael Merickel wrote:
>
> The 2.0 security system is
Thanks everyone for the great responses!
I’m planning on having a go at making an authentication policy along the lines
of SessionAuthenticationPolicy and have the Flask cookie signing bits imported
just to handle that.
The apps are definitely going to dealt with as seperate, the migration is
The 2.0 security system is pretty backward compatible so I'd recommend just
starting with 1.x but I might suggest using the master version of
pyramid-cookiecutter-starter as it has significant improvements to the default
test fixtures for new projects.
With respect to 2.0, sorry everyone but
I've done a handful of side-by-side migrations or deployments.
I think you already identified the generally best approach IMHO:
> Conceptually the simplest would be to have a auth cookie that is
valid in both, it could be set to only be created in one and honoured in
the other.
However I