--- a/{{cookiecutter.project_slug}}/buildout.cfg Thu Oct 25 17:46:26 2018 +0200
+++ b/{{cookiecutter.project_slug}}/buildout.cfg Thu Jun 20 12:54:12 2019 +0200
@@ -36,6 +36,7 @@
msgpack-python
pyams_cache
pyams_notify_ws
+ pyams_security
pyams_utils
pyramid
websockets
--- a/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Thu Oct 25 17:46:26 2018 +0200
+++ b/{{cookiecutter.project_slug}}/{{cookiecutter.webapp_name}}/__init__.py Thu Jun 20 12:54:12 2019 +0200
@@ -10,13 +10,12 @@
# FOR A PARTICULAR PURPOSE.
#
-# import standard packages
-
-# import interfaces
+from pyramid.authorization import ACLAuthorizationPolicy
+from pyramid.config import Configurator
+from pyramid.settings import asbool
-# import packages
-from pyams_utils.registry import set_local_registry, get_global_registry
-from pyramid.config import Configurator
+from pyams_security.utility import PyAMSAuthenticationPolicy
+from pyams_utils.registry import get_global_registry, set_local_registry
def main(global_config, **settings):
@@ -28,5 +27,12 @@
config = Configurator(registry=registry)
config.setup_registry(settings=settings)
+ authn_policy = PyAMSAuthenticationPolicy(secret='PyAMS 0.1.0',
+ http_only=True,
+ secure=asbool(settings.get('pyams.authentication_policy.secure', True)),
+ credentials=('http',))
+ config.set_authentication_policy(authn_policy)
+ config.set_authorization_policy(ACLAuthorizationPolicy())
+
config.scan()
return config.make_wsgi_app()