pyramid_odesk
pyramid_odesk
allows your users to authorize via odesk
on your pyramid project.
You can find it on pypi as pyramid_odesk
. Also don't forget to check the documentation.
Requirements
pyramid-redis-sessions is used to store session in Redis database, so you need to install
Redis and configure it to listen to port 127.0.0.1
.
Other packages are installed automatically:
pyramid pyramid_redis_sessions python-odesk
To activate jinja2
renderer, install:
pip install pyramid_jinja2
Installation
Install with pip:
pip install pyramid_odesk
or using easy_install
:
easy_install pyramid_odesk
You need to create oDesk API keys of the type Web
and set appropriate permissions to the generated API key.
Usage
You can take a look at the pyramid_odesk_example application or use the instructions below.
Include following settings in your *.ini
file:
[app:main] ... # Redis session settings redis.sessions.secret = FILL ME # oDesk settings odesk.api.key = FILL ME odesk.api.secret = FILL ME
Then in your project's __init__.py
define the following function:
def get_acl_group(user_uid, request): """Here goes your ACL logic.""" # All authenticated users have ``view`` permission return 'view'
This function should return list of ACL group principals or None if user is not allowed to have any access groups. See pyramid documentation for security and tutorial.
Define a RootFactory in your models.py
:
class RootFactory(object): """This object sets the security for our application.""" __acl__ = [ (Allow, Authenticated, 'view'), (Deny, Authenticated, 'login'), (Allow, Everyone, 'login'), ] def __init__(self, request): pass
Now register get_acl_group()
function in the config registry to make authorization work. Put in your main method:
def get_acl_group(request): return ('view',) def main(global_config, **settings): """Main app configuration binding.""" config = Configurator(settings=settings, root_factory="myapp.models.RootFactory") # ACL authorization callback for pyramid-odesk config.registry.get_acl_group = get_acl_group # External includes config.include('pyramid_odesk') # Views and routing goes here # ... # config.add_view('myapp.views.MainPage', renderer='templates/main.jinja2', permission='view') return config.make_wsgi_app()
You can provide custom forbidden.jinja2
template by overriding asset in your __init__.py
:
# Override forbidden template config.override_asset( to_override='pyramid_odesk:templates/forbidden.jinja2', override_with='myapp:templates/forbidden.jinja2')
See template example in pyramid_odesk/templates/forbidden.jinja2.
The "Logout" action is done also via POST request with CSRF protection, see example of "Logout" buttion in pyramid_odesk_example/templates/layout.jinja2.
Contacts
The project is made by Cyril Panshine (@CyrilPanshine). Bug reports and pull requests are very much welcomed!