Authentication problem in Pyramid (remember + authenticated_userid)
I can't get Pyramid's basic authentication mechanism to work for me. Am I doing it wrong?
To debug, I ran this block of code inside one of my views:
print '$$$1', pyramid.security.remember(request, 12)
print '$$$2', pyramid.security.unauthenticated_userid(request)
print '$$$3', pyramid.security.authenticated_userid(request)
Here is the output I got:
$$$1 [('Set-Cookie', 'auth_tkt="45a66a6e860356b991cc8fc8acf9bf7f4d8b3d2212!userid_type:int"; Path=/'), ('Set-Cookie', 'auth_tkt="45a66a6e860356b991cc8fc8acf9bf7f4d8b3d2212!userid_type:int"; Path=/; Domain=127.0.0.1:6543'), ('Set-Cookie', 'auth_tkt="45a66a6e860356b991cc8fc8acf9bf7f4d8b3d2212!userid_type:int"; Path=/; Domain=.127.0.0.1:6543')]
$$$2 None
$$$3 None
I do have request.session working for me, so I'm guessing the problem isn't with the cookies.
Here's the code I use in my __init__ to configure Pyramid:
# The policy calls the callback with (userid, request), so it must accept both.
authn_policy = AuthTktAuthenticationPolicy('secret', callback=lambda userid, request: [])
engine = engine_from_config(settings, 'sqlalchemy.')
initialize_sql(engine)
my_session_factory = UnencryptedCookieSessionFactoryConfig('anothersecret')
config = Configurator(settings=settings,
                      session_factory=my_session_factory,
                      authentication_policy=authn_policy,
                      )
Please help!
Comments (2)
"remember" just returns headers. You need to set these headers into the response. See also this section of Adding Authorization docs, particularly the code sample directly below in lines 21 & 22.
You are probably making the same mistake I was in reading the tutorial as stating that group_finder /only/ returns additional groups. This is not the case as referenced here: http://plope.com/pyramid_auth_design_api_postmortem .
If you use the callback function it must only return None when the user is invalid. The tutorial's example will return None for any user that isn't in the enumerated users (even if you are authenticating the user via some other mechanism). In my own code I explicitly return an empty list ( [] ) for the case of a user not yet being in a remembered list/group. This way I have three types of access levels: Public, Authenticated, Group Based Permissions.
In addition to the tutorial's example there is also this set of cookbook entries:
http://docs.pylonsproject.org/projects/pyramid_cookbook/dev/authentication.html