module apps.common.auth_app
¶
Short summary¶
module mathenjeu.apps.common.auth_app
Starts an application.
Classes¶
class |
truncated documentation |
---|---|
Defines answers for an application with authentification. It stores a cookie with only the user alias. The method … |
Methods¶
method |
truncated documentation |
---|---|
Authentification. |
|
Overwrites this method to allow or reject users. |
|
Retrieves the session. |
|
Hashes a password. |
|
Checks that a user is allowed. Returns None if it is allowed, otherwise an page with an error message. |
|
Login page. If paramater returnto is specified in the url, the user will go to this page after being logged. |
|
Logout page. |
|
Saves the session to the response in a secure cookie. |
Documentation¶
Starts an application.
- class mathenjeu.apps.common.auth_app.AuthentificationAnswers(app, login_page='login.html', notauth_page='notauthorized.html', auth_page='authorized.html', redirect_logout='/', max_age=1209600, cookie_key=None, cookie_name='mathenjeu', cookie_domain='127.0.0.1', cookie_path='/', secure=False, page_context=None, userpwd=None)¶
Bases :
object
Defines answers for an application with authentification. It stores a cookie with only the user alias. The method authentify_user must be overwritten. The method page_context returns additional information to add before applying any template.
- Paramètres
app – starlette application
login_page – name of the login page
notauth_page – page displayed when a user is not authorized
auth_page – page displayed when a user is authorized
redirect_logout – a not authorized used is redirected to this page
max_age – cookie’s duration in seconds
cookie_key – to encrypt information in the cookie (cannot be None)
cookie_name – name of the session cookie
cookie_domain – cookie is valid for this path only
cookie_path – path of the cookie once storeds
secure – use secured connection for cookies
page_context – to retrieve additional context before rendering the pages (as a function which returns a dictionary)
userpwd – users are authentified with any alias but a common password
- __init__(app, login_page='login.html', notauth_page='notauthorized.html', auth_page='authorized.html', redirect_logout='/', max_age=1209600, cookie_key=None, cookie_name='mathenjeu', cookie_domain='127.0.0.1', cookie_path='/', secure=False, page_context=None, userpwd=None)¶
- Paramètres
app – starlette application
login_page – name of the login page
notauth_page – page displayed when a user is not authorized
auth_page – page displayed when a user is authorized
redirect_logout – a not authorized used is redirected to this page
max_age – cookie’s duration in seconds
cookie_key – to encrypt information in the cookie (cannot be None)
cookie_name – name of the session cookie
cookie_domain – cookie is valid for this path only
cookie_path – path of the cookie once storeds
secure – use secured connection for cookies
page_context – to retrieve additional context before rendering the pages (as a function which returns a dictionary)
userpwd – users are authentified with any alias but a common password
- async authenticate(request)¶
Authentification.
@param request request @return response
- authentify_user(alias, pwd, hash_before=True)¶
Overwrites this method to allow or reject users.
- Paramètres
alias – alias or user
pwd – password
hash_before – hashes the password before comparing, otherwise, the function assumes it is already hashed
- Renvoie
boolean
The current behavior is to allow anybody if the alias is longer than 3 characters.
- get_session(request, notnone=False)¶
Retrieves the session.
- Paramètres
request – request
notnone – None or empty dictionary
- Renvoie
session
- hash_pwd(pwd)¶
Hashes a password.
- Paramètres
pwd – password
- Renvoie
hashed password in hexadecimal format
- is_allowed(alias, pwd, request)¶
Checks that a user is allowed. Returns None if it is allowed, otherwise an page with an error message.
- Paramètres
alias – alias or iser
pwd – password
request – received request
- Renvoie
None if allowed, HTMLResponse otherwise
- async login(request)¶
Login page. If paramater returnto is specified in the url, the user will go to this page after being logged.
- async logout(request)¶
Logout page.
- save_session(response, data)¶
Saves the session to the response in a secure cookie.
- Paramètres
response – response
data – data