Hi everyone, I am new to python and web development and is trying to learn through building an application through pyramid. I am currently trying to work on a basic to-do list application with user accounts, authentication and authorization using url dispatch and sqlalchemy
I have read the documentation and is struggling a bit to do this. In the url_dispatch tutorial, it says that I need to use AuthTktAuthenticationPolicy. Does this mean I have to use apache with mod_auth_tkt to deploy my application? I am not sure I want to run apache for the small application I am trying to build. If I need to create my own authentication policy because I don't want to use apache, can anyone give me pointers as to what I have to look out for (what not to do) and any resources I can read so that I can implement what I need and not create any security holes? I've found a lot of "I've rolled my own because it is simple" in previous posts but I couldn't find any of the "simple" authentication policy code examples for pyramid. For the authorization, can anyone give me some basic pointers or point me to a resource on what sqlalchemy models I need to support a simple user group permission authorization scheme? I have some basic idea but I am still a little confused. User table/model Group model (to hold the available groups) UserGroup model (to associate a user and groups) Permission model (to hold available permissions) (do I need both a PermissionGroup and a PermissionUser table?) Sorry in advance if these questions may seem a bit stupid or if I am not understanding some of the concepts properly. I am new to all of this and I am struggling a little while trying to take in everything. Thank you so much for your help! Go -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
