Mercurial Mercurial > pyams > scaffolds > pyams / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated authentication policy 0.1.5
authorThierry Florac <thierry.florac@onf.fr>
Fri, 06 Oct 2017 09:18:18 +0200
changeset 15 ec047632ceb5
parent 14 db91044a173e
child 16 9d1956a891fb
Updated authentication policy
{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py file | annotate | diff | comparison | revisions 
--- a/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py	Wed Jul 12 12:00:40 2017 +0200
+++ b/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py	Fri Oct 06 09:18:18 2017 +0200
@@ -16,6 +16,7 @@
 
 # import packages
 from pyams_security.utility import PyAMSAuthenticationPolicy
+from pyams_utils.request import PyAMSRequest
 from pyams_utils.site import site_factory
 from pyramid.authorization import ACLAuthorizationPolicy
 from pyramid.config import Configurator
@@ -27,9 +28,14 @@
     """
     registry = getGlobalSiteManager()
     config = Configurator(registry=registry)
-    config.setup_registry(root_factory=site_factory, settings=settings)
+    config.setup_registry(root_factory=site_factory,
+                          request_factory=PyAMSRequest,
+                          settings=settings)
 
     authn_policy = PyAMSAuthenticationPolicy(secret='PyAMS 0.1.0',
+                                             http_only=True,
+                                             secure=True,  # remove in development environment
+                                                           # if you don't use HTTPS
                                              credentials=('http',))
     config.set_authentication_policy(authn_policy)
     config.set_authorization_policy(ACLAuthorizationPolicy())
pyams/scaffolds/pyams