--- a/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Wed Jul 12 12:00:40 2017 +0200
+++ b/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Fri Oct 06 09:18:18 2017 +0200
@@ -16,6 +16,7 @@
# import packages
from pyams_security.utility import PyAMSAuthenticationPolicy
+from pyams_utils.request import PyAMSRequest
from pyams_utils.site import site_factory
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator
@@ -27,9 +28,14 @@
"""
registry = getGlobalSiteManager()
config = Configurator(registry=registry)
- config.setup_registry(root_factory=site_factory, settings=settings)
+ config.setup_registry(root_factory=site_factory,
+ request_factory=PyAMSRequest,
+ settings=settings)
authn_policy = PyAMSAuthenticationPolicy(secret='PyAMS 0.1.0',
+ http_only=True,
+ secure=True, # remove in development environment
+ # if you don't use HTTPS
credentials=('http',))
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(ACLAuthorizationPolicy())