20 from pyams_utils.request import PyAMSRequest |
20 from pyams_utils.request import PyAMSRequest |
21 from pyams_utils.site import site_factory |
21 from pyams_utils.site import site_factory |
22 from pyramid.authorization import ACLAuthorizationPolicy |
22 from pyramid.authorization import ACLAuthorizationPolicy |
23 from pyramid.config import Configurator |
23 from pyramid.config import Configurator |
24 from pyramid.csrf import CookieCSRFStoragePolicy |
24 from pyramid.csrf import CookieCSRFStoragePolicy |
|
25 from pyramid.settings import asbool |
25 |
26 |
26 |
27 |
27 def main(global_config, **settings): |
28 def main(global_config, **settings): |
28 """ This function returns a Pyramid WSGI application. |
29 """ This function returns a Pyramid WSGI application. |
29 """ |
30 """ |
33 request_factory=PyAMSRequest, |
34 request_factory=PyAMSRequest, |
34 settings=settings) |
35 settings=settings) |
35 |
36 |
36 authn_policy = PyAMSAuthenticationPolicy(secret='PyAMS 0.1.0', |
37 authn_policy = PyAMSAuthenticationPolicy(secret='PyAMS 0.1.0', |
37 http_only=True, |
38 http_only=True, |
38 secure=True, # remove in development environment |
39 secure=asbool(settings.get('pyams.authentication_policy.secure', True)), |
39 # if you don't use HTTPS |
|
40 credentials=('http',)) |
40 credentials=('http',)) |
41 config.set_authentication_policy(authn_policy) |
41 config.set_authentication_policy(authn_policy) |
42 config.set_authorization_policy(ACLAuthorizationPolicy()) |
42 config.set_authorization_policy(ACLAuthorizationPolicy()) |
43 config.set_csrf_storage_policy(CookieCSRFStoragePolicy()) |
43 config.set_csrf_storage_policy(CookieCSRFStoragePolicy()) |
44 config.set_default_csrf_options(require_csrf=True) |
44 config.set_default_csrf_options(require_csrf=True) |
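Review bot: The replacement at new line 39, `secure=asbool(settings.get('pyams.authentication_policy.secure', True))`, drops the two-line comment that said when the flag may be turned off, so the new setting is undocumented in the code. I would keep a short comment above it, for example `# Secure cookie flag; set pyams.authentication_policy.secure = false only for local development without HTTPS`, because with the flag off the authentication cookie is also sent over plain HTTP. In the same call, `secret='PyAMS 0.1.0'` is still a literal in the source; if the policy uses it to sign the authentication cookie (presumably, the policy class is not visible here), it should be read from deployment settings in the same way and have no usable default. The body of `main` starts before and continues past the visible lines.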