identity.model [user registration and authorization for wsgi or pylons]
Update
I refined this thing a little further and decided to put it out on bitbucket while I work on it some more. Here's more info. You should probably assume this information is obsolete at this time.
I've been doing a lot of coding for some personal projects, discussion around user registration and authorization came up on the pylons mailing list recently. So I offered to throw my solution out there just in case someone might find it useful.
Basically I was inspired to write a component that I could easily integrate with any site I want to build since most of then time sites require that a user be able to register, login, logout and reset their password etc.... I learned a lot by writing this, and it works for me, but I'm not sure this is the best approach. However since it seems there are a lot of similar things written for pylons it, maybe there is no good approach. But hey, the more options the better.
You can get the code here . I'd be happy to hear what other pythonistas think of this approach.
From the docs...
Setting up identity.model for your application¶
identity.model is designed to be used as part of an applications wsgi stack. There are 2 parts you need to be concerned about.
- Authorization Middleware
- Registration Application
Authorization Middleware¶
The authorization middleware is essentially repoze.what middleware with a touch more configuration. identity.model is initialized here with a database configuration so that GroupSource and PermissionSource are ready and waiting when the repoze.what middleware is started.
Configuration¶
- what_config
- a path to an ini file used to configure repoze.what for the application. See repoze.what.plugins.config for more information.
- sqlalchemy.*
- config values used to initialize the engine to be used
For a complete example, see Using Paste Deploy
Registration Application¶
The registration application is a standalone wsgi application which you can use for basic user registration.
Configuration¶
- template
- the genshi template to use to render the registration application pages.
- email.activate_subject
- value will appear in subject of emails sent during registration.
- email.activate_body
- the genshi template to use when sending the activation email to the potentially new user.
- email.reset_body
- the genshi template to use when sending emails in response to a password reset request.
For a complete example, see Using Paste Deploy
Config Value Examples¶
template¶
All registration app webpages are passed to the configured template in a variable called “content”. So making a template that includes your site’s styles and structure should be sufficient for making registration integrated with your site.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude"> <xi:include href="site.html" /> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>Account Maintenance</title> </head> <body> ${content} </body> </html>
email.activate_subject¶
This is just a string value which will appear in the subject line of emails sent by the registration app. “Welcome to the site” would be typical.
email.activate_body¶
The body of activation emails will be rendered by this template.
Hi ${user_name} Thank you for registering, to complete the process you must now activate your account by clicking on the link below. ${activation_link} Thanks, Site
email.reset_body¶
The body of password reset emails will be rendered by this template.
Hi ${user_name} You can reset your password by following the link here. ${activation_link} Thanks, Site
Important URLs¶
If the registration application is mounted at “/register”, then you would probably want to incorporate these urls in various places in your app according to your needs.
- /register/
- url to registration form. this would be your “Create an Account” link in your app.
- /register/password_recovery
- url for starting the password reset process. this would be your “Reset Password” link.
Using Paste Deploy¶
The easiest way to configure your application is to use a Paste Deploy ini file. The following example is very similar to a typical pylons ini file. The difference is, instead of the pylons app being made main, we make a pipeline putting the authorization middleware in front of our composite application. The composite application then uses urlmap to mount the registration application at /register and our pylons app at root.
# # Site - Pylons development environment configuration # # The %(here)s variable will be replaced with the parent directory of this file # [DEFAULT] debug = true # Uncomment and replace with the address which should receive any error reports email_to = coder@mail.com smtp_server = smtp.mail.com error_email_from = app@mail.com admin_email = tom.willis@gmail.com #application specific smtp server smtp.server = smtp.mail.com smtp.port = 25 smtp.from = webmaster@mail.com smtp.user = smtp_user smtp.password = s3cr3t [server:main] use = egg:Paste#http host = 127.0.0.1 port = 5000 [pipeline:main] pipeline = auth site #identity.model auth middleware [filter:auth] use = egg:identity.model#config what_config = %(here)s/what.ini sqlalchemy.url = sqlite:///%(here)s/users.db sqlalchemy.echo = true #identity.model registration app [app:register] use = egg:identity.model#registration template = %(here)s/site/templates/registration.html email.activate_subject = Welcome To Site email.activate_body = %(here)s/site/templates/registration_email.txt email.reset_body = %(here)s/site/templates/password_reset_email.txt #identity.model registration app to be mounted at /register [composite:site] use = egg:Paste#urlmap / = content /register = register [app:content] use = egg:Site full_stack = true static_files = true #.. more app configuration ..
Post new comment