|
|
|
Initial velruse integration
This is just the first piece of performing the OpenID authentication. It
does not include logging in a principal in Pyramid.
Add velruse. Add "/auth" page with login link. Add "/authcallback" page
showing authentication results.
https://code.launchpad.net/~abentley/charmworld/velruse-integration/+merge/139305
(do not edit description out of merge proposal)
Patch Set 1 #
Total comments: 6
Patch Set 2 : Initial velruse integration #
Total messages: 5
|
abentley-home
Please take a look.
|
13 years, 1 month ago (2012年12月11日 20:00:01 UTC) #1 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Please take a look.
https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py File charmworld/__init__.py (right): https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py#newcode2 charmworld/__init__.py:2: from pyramid.session import UnencryptedCookieSessionFactoryConfig Should we look and see if there's an encrypted version to use instead ootb. https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py#newcode12 charmworld/__init__.py:12: my_session_factory = UnencryptedCookieSessionFactoryConfig('itsaseekreet') This should pull the session secret from the ini file. We can provide an initial in development.ini and should be overridden in production. https://codereview.appspot.com/6927049/diff/1/charmworld/routes.py File charmworld/routes.py (right): https://codereview.appspot.com/6927049/diff/1/charmworld/routes.py#newcode70 charmworld/routes.py:70: config.add_route('auth', '/auth') We don't need the auth route right? We can just add a link to the navigation with the openid_identifier=login.ubuntu.com?
Please take a look.
https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py File charmworld/__init__.py (right): https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py#newcode2 charmworld/__init__.py:2: from pyramid.session import UnencryptedCookieSessionFactoryConfig On 2012年12月11日 20:11:47, rharding wrote: > Should we look and see if there's an encrypted version to use instead ootb. There isn't one that I can see. https://codereview.appspot.com/6927049/diff/1/charmworld/__init__.py#newcode12 charmworld/__init__.py:12: my_session_factory = UnencryptedCookieSessionFactoryConfig('itsaseekreet') On 2012年12月11日 20:11:47, rharding wrote: > This should pull the session secret from the ini file. We can provide an initial > in development.ini and should be overridden in production. Done. https://codereview.appspot.com/6927049/diff/1/charmworld/routes.py File charmworld/routes.py (right): https://codereview.appspot.com/6927049/diff/1/charmworld/routes.py#newcode70 charmworld/routes.py:70: config.add_route('auth', '/auth') On 2012年12月11日 20:11:47, rharding wrote: > We don't need the auth route right? We can just add a link to the navigation > with the openid_identifier=login.ubuntu.com? Yes, I see this as a very temporary measure. Actually, I suspect we'll address this by creating a new provider that returns a URL containing openid_identifier=login.ubuntu.com from velruse.login_url
looks good to me given rick's comments. beaker incidentally has various permutations on session factories that are more secure (signed client cookies, backend storage) where we can store the user's openid session info in the future.