repoze.who SQLAlchemy plugin¶
| Author: | Gustavo Narea. |
|---|---|
| Latest version: | 1.0.1 |
Overview
The repoze.who SQLAlchemy plugin provides an authenticator and a metadata provider plugins for SQLAlchemy or Elixir-based models.
How to install¶
The minimum requirements repoze.who and SQLAlchemy and you can install it all by running:
easy_install repoze.who.plugins.sa
The development mainline is available at the following Git repository:
git://github.com/repoze/repoze.who-sqlalchemy.git
Authenticator¶
- class repoze.who.plugins.sa.SQLAlchemyAuthenticatorPlugin(user_class, dbsession)¶
repoze.who authenticator for SQLAlchemy models.
Example:
from repoze.who.plugins.sa import SQLAlchemyAuthenticatorPlugin from yourcoolproject.model import User, DBSession authenticator = SQLAlchemyAuthenticatorPlugin(User, DBSession)
This plugin assumes that the user name is kept in the user_name attribute of the users’ class, as well as that such a class has a method that verifies the user’s password against the password provided through the login form (it receives the password to be verified as the only argument and such method is assumed to be called validate_password).
If you don’t want to call the attributes above as user_name and/or validate_password, respectively, then you have to “translate” them as in the sample below:
# You have User.username instead of User.user_name: authenticator.translations['user_name'] = 'username' # You have User.verify_password instead of User.validate_password: authenticator.translations['validate_password'] = 'verify_password'
If you would like to prevent timing attacks, you can provide a validation function through the dummy_validate_password translation, which should use the same algorithm as in validate_password:
from yourcoolproject import validate_pass authenticator.translations['dummy_validate_password'] = validate_pass
Note
If you want to configure this authenticator from an ini file, use make_sa_authenticator().
New in version 1.0.1: Support for dummy_validate_password was added.
- repoze.who.plugins.sa.make_sa_authenticator(user_class=None, dbsession=None, user_name_translation=None, validate_password_translation=None, dummy_validate_password_translation=None)¶
Configure SQLAlchemyAuthenticatorPlugin.
Parameters: - user_class (str) – The SQLAlchemy/Elixir class for the users.
- dbsession (str) – The SQLAlchemy/Elixir session.
- user_name_translation (str) – The translation for user_name, if any.
- validate_password_translation (str) – The translation for validate_password, if any.
- dummy_validate_password_translation (function) – The translation for dummy_validate_password, if any.
Returns: The authenticator.
Return type: SQLAlchemyAuthenticatorPlugin
Example from an *.ini file:
# ... [plugin:sa_auth] use = repoze.who.plugins.sa:make_sa_authenticator user_class = yourcoolproject.model:User dbsession = yourcoolproject.model:DBSession # ...
Or, if you need translations:
# ... [plugin:sa_auth] use = repoze.who.plugins.sa:make_sa_authenticator user_class = yourcoolproject.model:User dbsession = yourcoolproject.model:DBSession user_name_translation = username validate_password_translation = verify_password dummy_validate_password_translation = yourcoolproject.security:validate # ...
New in version 1.0.1: Support for dummy_validate_password_translation was added.
Metadata provider¶
- class repoze.who.plugins.sa.SQLAlchemyUserMDPlugin(user_class, dbsession)¶
repoze.who metadata provider that loads the SQLAlchemy-powered object for the current user.
It loads the object into identity['user'].
Example:
from repoze.who.plugins.sa import SQLAlchemyUserMDPlugin from yourcoolproject.model import User, DBSession mdprovider = SQLAlchemyUserMDPlugin(User, DBSession)
This plugin assumes that the user name is kept in the user_name attribute of the users’ class. If you don’t want to call the attribute above as user_name, then you have to “translate” it as in the sample below:
# You have User.username instead of User.user_name: mdprovider.translations['user_name'] = 'username'
Note
If you want to configure this plugin from an ini file, use make_sa_user_mdprovider().
- repoze.who.plugins.sa.make_sa_user_mdprovider(user_class=None, dbsession=None, user_name_translation=None)¶
Configure SQLAlchemyUserMDPlugin.
Parameters: - user_class (str) – The SQLAlchemy/Elixir class for the users.
- dbsession (str) – The SQLAlchemy/Elixir session.
- user_name_translation (str) – The translation for user_name, if any.
Returns: The metadata provider.
Return type: SQLAlchemyUserMDPlugin
Example from an *.ini file:
# ... [plugin:sa_md] use = repoze.who.plugins.sa:make_sa_user_mdprovider user_class = yourcoolproject.model:User dbsession = yourcoolproject.model:DBSession # ...
Or, if you need translations:
# ... [plugin:sa_md] use = repoze.who.plugins.sa:make_sa_user_mdprovider user_class = yourcoolproject.model:User dbsession = yourcoolproject.model:DBSession user_name_translation = username # ...
Miscellaneous¶
- class repoze.who.plugins.sa.SQLAlchemyUserChecker(user_class, dbsession)¶
User existence checker for repoze.who.plugins.auth_tkt.AuthTktCookiePlugin.
Example:
from repoze.who.plugins.sa import SQLAlchemyUserChecker from yourcoolproject.model import User, DBSession checker = SQLAlchemyUserChecker(User, DBSession)
This plugin assumes that the user name is kept in the user_name attribute of the users’ class. If you don’t want to call it that way, then you have to “translate” it as in the sample below:
# You have User.username instead of User.user_name: checker.translations['user_name'] = 'username'
How to get help?¶
The prefered place to ask questions and request features is the Repoze mailing list.
To report bugs, please go to GitHub.
