Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
47 lines (31 sloc) 1.18 KB

Request flow

  1. The publisher asks the PluggableAuthService to validate the user's access to a given object:

    groups.validate( request, auth, roles )
    
  2. PluggableAuthService polls its authentication plugins in order, asking each in turn for a user:

    for id, plugin in self.listAuthenticationPlugins():
    
        try:
            user = plugin( request, auth )
    
        except Unauthorized:
            self.dispatchChallenge( request )
    
        else:
            user.setAuthenticationSource( id )
            break
    
    else:
        user = self.createAnonymousUser()
    
  3. PluggableAuthService allows each of its decorator plugins to annotate the user:

    for id, plugin in self.listDecoratorPlugins():
    
        known, schema, data = plugin( user )
    
        if known:
            sheet = UserPropertySheet( id, schema, **data )
            user.addPropertySheet( id, sheet )
    
  4. PluggableAuthService allows each of its group plugins to assert groups for the user:

    for id, plugin in self.listGroupPlugins():
    
        groups = plugin( user )
        user.addGroups( groups )
    
  5. PluggableAuthService returns the annotated / group-ified user to the publisher.

You can’t perform that action at this time.