Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Authentication and authorization framework for CherryPy

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 lg_authority
Octocat-spinner-32 .gitignore
Octocat-spinner-32 README
Octocat-spinner-32 setup.cfg
Octocat-spinner-32 setup.py
README
lg_authority - A general purpose, multi-backend capable authentication and permissions framework for CherryPy.
=================================================

Dependencies
============
Required:
    cherrypy

Optional:
    pymongo - For MongoDB backend
    python-openid - For Open ID support


Installation
============
1. git clone git://github.com/wwoods/lamegame_cherrypy_authority.git
2. cd lamegame_cherrypy_authority
3. sudo python setup.py install (or python setup.py install --user to install without sudo)


Example Usage (just want to block out non-logged-in users)
==========================================================
import cherrypy
import lg_authority

@lg_authority.groups('auth')
class Root(object):
    auth = lg_authority.AuthRoot()

    @cherrypy.expose
    def index(self):
        return "Logged in!"

cherrypy.config.update({ 
    'tools.lg_authority.on': True, 
    # Uncomment the following two lines to persist changed user / group data
    # 'tools.lg_authority.site_storage': 'sqlite3', 
    # 'tools.lg_authority.site_storage_conf': { 'file': 'test.db' } })
cherrypy.quickstart(Root())


Storage Options
===============

The different storage options are laid out in lg_authority/slates/storage.  Currently, there are the following and their options:

ram - Store session and user data in memory only; it will get erased when the
    server restarts, and does not support coordination between different 
    instances.
    Options: No options.

sqlite3 - Store session in a sqlite3 file database.  Data is persisted through 
    the file.
    Options: file - The file to store session and user information in.

pymongo - Store session information in a mongodb backend.
    Options:
        host - The host address of the mongodb server to connect to
        port - The port
        db - The name of the mongodb database to store auth collections in
        collection_base - An optional prefix for all of the collections created
            and maintained by lg_authority.


OpenID
======

Being an openID server
======================
If python-openid is installed, then there is an OpenID endpoint set up automatically at (authroot)/openid.  If you would like your site root to be an open ID endpoint, put the following meta tag in the index page (e.g. http://www.lamegameproductions.com):

<meta http-equiv="x-xrds-location" content="https://www.lamegameproductions.com/auth/openid/xrds" />

Replace www.lamegameproductions.com/auth with your auth root.  It is probably wise to ensure that the xrds location is accessed through https.

Users may also use the /auth/openid URL as an endpoint, even if you don't put that meta tag on your root.

Something went wrong with that request. Please try again.