I don't know if there's a tutorial for authorization with MongoDB specifically, but I do think the Akhet docs mentioned before would work: http://docs.pylonsproject.org/projects/akhet/dev/auth.html
Most of it is focused on parts other than the model, so you can use it with almost any backend. You'd only need to implement your own groupfinder function and Users object, with methods like Users.by_id(someid) and Users.by_username(someusername). On Mon, Jul 11, 2011 at 6:56 PM, Bruce Wade <[email protected]> wrote: > I will need to implement authentication/authorization with mongodb. Is > there already a tutorial for this? If not once I hammer it out I will write > one :D > > On Mon, Jul 11, 2011 at 6:49 PM, Eric Rasmussen > <[email protected]>wrote: > >> Sure, linking is great. One day I'll get around to adding it in >> officially. Also, if anyone does try it out and has feedback, you're welcome >> to email me personally or respond here. >> >> On Mon, Jul 11, 2011 at 6:32 PM, Chris McDonough <[email protected]>wrote: >> >>> On Mon, 2011-07-11 at 18:26 -0700, Eric Rasmussen wrote: >>> > A while back I was working on a complete Pyramid + pyramid_sqla demo >>> > to show how you can use authorization with a SQLite database and >>> > SQLAlchemy. I just reworked it to use Pyramid + Akhet and it seems to >>> > run fine, although there are likely a lot of little inconsistencies or >>> > issues to be found here: >>> > >>> > http://pyramid.chromaticleaves.com/simpleauth/ >>> > >>> > If anyone has time to glance through it or go along with it and create >>> > the demo, let me know how it works for you and if you find it useful >>> > as a standalone project demonstration. If it seems to be what people >>> > are looking for I can clean it up and make a recipe out of it. If not, >>> > let me know how it could be more useful and I'll do what I can. >>> >>> This looks great! I added a link to it in the Pyramid cookbook (it will >>> be visible on the next renedering). Hope that's OK. >>> >>> > >>> > On Mon, Jul 11, 2011 at 4:15 PM, Matt Feifarek >>> > <[email protected]> wrote: >>> > On Mon, Jul 11, 2011 at 3:12 PM, Raoul Snyman >>> > <[email protected]> wrote: >>> > I've just spent the better part of the weekend >>> > scouring the docs for >>> > some mention or example of how to do auth (both >>> > authentication and >>> > authorisation) from the database, and gave up and >>> > decided to roll my >>> > own, because I can't see how to do it from the DB. >>> > >>> > >>> > I can't answer your question as to why there aren't more >>> > tutorials. I've recently done what you are now doing, and >>> > found this very helpful: >>> > https://github.com/mmerickel/pyramid_auth_demo >>> > >>> > >>> > For me, making __acl__ into a property that is therefore >>> > in-effect a function call allows me to mix more than one kind >>> > of "group" or other credentials. In my case, I have three: >>> > >>> > >>> > 1. I have groups that are basically class-level static >>> > permissions, declared in my class definition in an attribute >>> > called _class_acls. >>> > >>> > >>> > 2. Then I have some credentials that are stored in my database >>> > with the user account object itself, in an attribute called >>> > _inst_acls, but could be a column or whatever. >>> > >>> > >>> > 3. and finally I have credentials that are derived at >>> > call-time based on things like the users' id. One could go on >>> > and on, of course, having a "its_a_tuesday_morning" >>> > permission, or "user_id_is_divisible_by_7" or whatever. >>> > >>> > >>> > The __acl__ attribute is really running self._get_acls() which >>> > assembles all three types of permission credentials; it was an >>> > aha moment for me, and I'm embarrassed that I didn't think of >>> > it sooner; I guess reading the docs made me think that there >>> > might be something "magical" about __acl__ but it's just an >>> > attribute. >>> > >>> > >>> > This trick can also be extended to objects that need >>> > authorization, as in the link I pasted. These two "dymanic" >>> > tricks make the standard traversal and acl stuff super >>> > powerful. I'm using ZODB, but the principle is the same. Once >>> > you think about __acl__ as something that can be callable, you >>> > can literally do anything. >>> > >>> > >>> > I hope this helps, but really, Michael Merickel is the one to >>> > thank for the example. >>> > >>> > >>> > >>> > -- >>> > You received this message because you are subscribed to the >>> > Google Groups "pylons-discuss" group. >>> > To post to this group, send email to >>> > [email protected]. >>> > To unsubscribe from this group, send email to pylons-discuss >>> > [email protected]. >>> > For more options, visit this group at >>> > http://groups.google.com/group/pylons-discuss?hl=en. >>> > >>> > >>> > >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> > Groups "pylons-discuss" group. >>> > To post to this group, send email to [email protected]. >>> > To unsubscribe from this group, send email to pylons-discuss >>> > [email protected]. >>> > For more options, visit this group at >>> > http://groups.google.com/group/pylons-discuss?hl=en. >>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "pylons-discuss" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/pylons-discuss?hl=en. >>> >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "pylons-discuss" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/pylons-discuss?hl=en. >> > > > > -- > -- > Regards, > Bruce Wade > http://ca.linkedin.com/in/brucelwade > http://www.wadecybertech.com > http://www.warplydesigned.com > http://www.fitnessfriendsfinder.com > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/pylons-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
