Identification and authentication framework for WSGI applications.
Latest commit 2df8f07 Jun 3, 2016 @tseaver tseaver Garden / modernize README.
- Add sections on installation, usage, bug reporting, and source checkouts.

[ci skip]


repoze.who Documentation Status

repoze.who is an identification and authentication framework for arbitrary WSGI applications. repoze.who can be configured either as WSGI middleware or as an API for use by an application.

repoze.who is inspired by Zope 2's Pluggable Authentication Service (PAS) (but repoze.who is not dependent on Zope in any way; it is useful for any WSGI application). It provides no facility for authorization (ensuring whether a user can or cannot perform the operation implied by the request). This is considered to be the domain of the WSGI application.


Install using setuptools, e.g. (within a virtualenv):

$ easy_install repoze.who

or using pip:

$ pip install repoze.who


For details on using the various components, please see the documentation in docs/index.rst. A rendered version of that documentation is also available online:

Reporting Bugs

Please report bugs in this package to

Obtaining Source Code

Download development or tagged versions of the software by visiting: