It has been four years since I've heard anything about AuthKit so I'm not sure it's still supported. Since you're apparently writing a new application rather than just keeping an old one running, why are you using such ancient technologies as AuthKit, middleware, and (apparently) Pylons? Pyramid has a built-in auth system, more complete documentation, better support, tweens which are easier to write than middleware, is forward-compatible with Python 3, and is "Pylons 2".
On Thu, Apr 10, 2014 at 7:23 AM, Etienne Robillard <[email protected]> wrote: > > Hello, > > I'm trying to make cookie authentication working with authkit and WSGI but > cannot > find a healthy solution. So far here's the code which i'm trying > to use for getting a users object into the environ: > > #!/usr/bin/env python > from notmm.controllers.wsgi import WSGIController > from notmm.controllers.auth import LoginController > from notmm.utils.http import httpserver > from notmm.utils.configparse import loadconf > > sample_app = WSGIController() > settings = sample_app.settings > global_conf = loadconf('auth.conf') > auth_conf = global_conf['authkit'] > auth_app = LoginController(sample_app, auth_conf, settings=settings) > > if __name__ == '__main__': > httpserver.daemonize(auth_app, ('localhost', 8000)) > > > And here's the login view to handle authentication: > > def authenticate_user(request, username, password, tokens='', > user_data=time.ctime, > authfunc='paste.auth_tkt.set_user'): > """Authenticate the user into the site and update the last_modified > timestamp if authentication and authorization granted user access.""" > > try: > user_setter_func = request.environ[authfunc] > if valid_password(request.environ, username, password): > user_setter_func(username, tokens=tokens, user_data=user_data()) > #trigger function here to update the last_modified timestamp > log.debug('User %s has been authenticated and authorized > access!!' % username) > raise NotAuthenticatedError > except (KeyError, Exception): > raise NotAuthenticatedError > return None > > controller: > > > class AuthCookieController(SessionController): > """ > Authentication controller to delegate authorization to generic > user-defined backends. > > """ > > request_class = HTTPRequest > response_class = HTTPResponse > > def __init__(self, wsgi_app, auth_conf=None, **kwargs): > > super(AuthCookieController, self).__init__(**kwargs) > > #put a pointer on the previous wsgi app in the stack > self.wsgi_app = wsgi_app > > self.auth_conf_wrapper = auth_middleware(wsgi_app, > app_conf=auth_conf, > cookie_secret='secret string', > #handle_httpexception=False, > valid=self.authenticate, > #enforce=self.auth_conf['enforce'] > ) > > def application(self, environ, start_response, exc_info=None): > # apply the response middleware wrapper to > # the WSGI stack and return a callable obj > return self.auth_conf_wrapper(environ, start_response) > > > def authenticate(self, username, password): > """ > Authenticate with the provided ``username`` and ``password``. > > Developers are expected to override this method in custom > authentication subclasses. > """ > > if username == password: > return username > else: > return None > > LoginController = AuthCookieController > > the traceback: > >> >> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user() > -> if valid_password(request.environ, username, password): > (Pdb) bt > /home/steiner/src/notmm/trunk/examples/auth/redirect.py(15)<module>() > -> httpserver.daemonize(auth_app, ('localhost', 8000)) > > /home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(157)daemonize() > -> server.serve() > > /home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(115)serve() > -> self.server.serve_forever() > /usr/local/lib/python2.7/SocketServer.py(238)serve_forever() > -> self._handle_request_noblock() > /usr/local/lib/python2.7/SocketServer.py(295)_handle_request_noblock() > -> self.process_request(request, client_address) > /usr/local/lib/python2.7/SocketServer.py(321)process_request() > -> self.finish_request(request, client_address) > /usr/local/lib/python2.7/SocketServer.py(334)finish_request() > -> self.RequestHandlerClass(request, client_address, self) > /usr/local/lib/python2.7/SocketServer.py(649)__init__() > -> self.handle() > /usr/local/lib/python2.7/wsgiref/simple_server.py(124)handle() > -> handler.run(self.server.get_app()) > /usr/local/lib/python2.7/wsgiref/handlers.py(85)run() > -> self.result = application(self.environ, self.start_response) > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(314)__call__() > -> return self.app(environ, start_response) > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/cookie.py(480)__call__() > -> return self.app(environ, cookie_setting_start_response) > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(87)__call__() > -> app_iter = app(environ, start_response) > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(55)app() > -> return self.default(environ, find) > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(304)__call__() > -> return self.app(environ, start_response) > /home/steiner/src/notmm/trunk/examples/auth/views/login.py(96)login() > -> authenticate_user(request, username, password) >> >> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user() > -> if valid_password(request.environ, username, password): > > /home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(97)valid_password() > -> raise no_authkit_users_in_environ > > And heres the config i use: > [authkit] > > authkit.setup.enable = true > authkit.setup.method = redirect,cookie > authkit.setup.handle_exceptions = false > > #authkit.authenticate.callback = authkit.authenticate.cookie2:middleware > #authkit.digest.authenticate.user.data = visitor:open_sesame > #authkit.digest.realm = 'Test realm' > > # authentication options > authkit.redirect.url = /session_login/ > #authkit.user.type = mainapp.accounts.model:UserManager > > > as you can see authkit middleware doesnt set up a proper users > object, which make authentication fail. Is there thus an alternative method > to set up the middleware to handle form authentication in authkit? > > Regards, > > Etienne > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/pylons-discuss. > For more options, visit https://groups.google.com/d/optout. -- Mike Orr <[email protected]> -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/pylons-discuss. For more options, visit https://groups.google.com/d/optout.
