Python 从未调用金字塔AuthTktAuthenticationPolicy回调
我正在尝试使用AuthTktAuthenticationPolicy在金字塔中实现简单身份验证。我跟着他走 init.pyPython 从未调用金字塔AuthTktAuthenticationPolicy回调,python,pyramid,Python,Pyramid,我正在尝试使用AuthTktAuthenticationPolicy在金字塔中实现简单身份验证。我跟着他走 init.py from pyramid.config import Configurator from pyramid.authentication import AuthTktAuthenticationPolicy from pyramid.authorization import ACLAuthorizationPolicy from .security import grou
from pyramid.config import Configurator
from pyramid.authentication import AuthTktAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy
from .security import groupfinder, Root
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
#config = Configurator(settings=settings)
# ACL
config = Configurator(settings=settings, root_factory=Root)
authn_policy = AuthTktAuthenticationPolicy('sosecret', callback=groupfinder, hashalg='sha512')
authz_policy = ACLAuthorizationPolicy()
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(authz_policy)
config.include('pyramid_jinja2')
config.include('.models')
config.include('.routes')
config.scan()
return config.make_wsgi_app()
security.py
GROUPS = {'admin': ['group:admin']}
USERS = {'receptionist' : 'receptionist'}
def groupfinder(userid, request):
print("It's here")
return ['group:admin']
from pyramid.security import Allow, Everyone
class Root(object):
def __acl__(self):
return [(Allow, Everyone, 'view'), (Allow, 'group:admin', 'edit')]
def __init__(self, request):
pass
我的视图默认值.py
...
@view_config(route_name='login', renderer='../templates/login.jinja2')
def login(request):
try:
if not ('user_name' in request.params and 'password' in request.params):
return {}
if request.params['user_name'] == '' or request.params['password'] == '':
raise Exception('Ada inputan yang kosong dari form')
match_ = request.dbsession.query(TblUser).filter_by(user_name=request.params['user_name'], user_password=request.params['password']).one()
username = request.params['user_name']
if match_ is not None:
headers = remember(request, username)
request.response.headerlist.extend(headers)
next_url = request.route_url('search-room')
return HTTPFound(location=next_url)
except Exception as e:
log.exception(str(e))
return {'code' : 'error', 'message' : str(e) }
...
@view_config(route_name='search-room', renderer='../templates/search-room.jinja2', permission='edit')
def search_room(request):
try:
if not ('floor' in request.params):
return {}
if request.params['floor'] == '':
raise Exception('Ada inputan yang kosong dari form')
query = request.dbsession.query(TblReservation)
result = query.join(TblRoom, aliased=True).filter_by(room_floor=request.params['floor']).all()
if result is None or len(result) < 1:
raise Exception("No row found")
return {'code' : 'ok', 'message' : '', 'content' : result }
except Exception as e:
log.exception(str(e))
return {'code' : 'error', 'message' : str(e), 'content' : ''}
。。。
@查看\u配置(路由\u name='login',renderer='../templates/login.jinja2')
def登录(请求):
尝试:
如果不是(request.params中的“用户名”和request.params中的“密码”):
返回{}
如果request.params['user\u name']=''或request.params['password']='':
提出例外情况(“Ada inputan yang kosong dari表格”)
match_u=request.dbsession.query(TblUser).filter_by(user_name=request.params['user_name'],user_password=request.params['password'])。one()
username=request.params['user\u name']
如果match_uu不是None:
headers=记住(请求、用户名)
请求.响应.标题列表.扩展(标题)
next\u url=request.route\u url('search-room')
返回HTTPFound(位置=下一个url)
例外情况除外,如e:
日志异常(str(e))
返回{'code':'error','message':str(e)}
...
@查看\u配置(路由\u name='search-room',渲染器='../templates/search-room.jinja2',权限='edit')
def搜索室(请求):
尝试:
如果不是,请求参数中的“楼层”:
返回{}
如果请求,参数['floor']='':
提出例外情况(“Ada inputan yang kosong dari表格”)
query=request.dbsession.query(TblReservation)
result=query.join(TblRoom,别名=True)。筛选依据(room\u floor=request.params['floor'])。all()
如果结果为None或len(结果)<1:
引发异常(“未找到行”)
返回{'code':'ok','message':'','content':result}
例外情况除外,如e:
日志异常(str(e))
返回{'code':'error','message':str(e),'content':''''}
回购协议中的完整代码
我至少将用户设置为需要进行身份验证和授权的“管理员”,这样它就可以获得“编辑”角色并访问“搜索室”页面
我现在得到的是登录过程已经完成,但它不会授予访问“搜索室”的权限,groupfinder从未被调用
我错过了什么(对运行一个diff以查找您遗漏的内容。好的。我将尝试解决此问题。这是因为包含cookie的标头没有保留。我遗漏了HTTPFound(location=next\u url)->HTTPFound(location=next\u url,headers=headers)@坎普纽:我有一个类似的错误,你能检查这个代码提供你的输入吗?事实上,我调用了记忆函数。