Authentication¶
Overview¶
A default authentication stack is provided by the pyramid_cubicweb.auth
module, which is included by pyramid_cubicweb.default
.
The authentication stack is built around pyramid_multiauth, and provides a few default policies that reproduce the default cubicweb behavior.
Note
Note that this module only provides an authentication policy, not the views that handle the login form. See pyramid_cubicweb.login
Customize¶
The default policies can be individually deactivated, as well as the default authentication callback that returns the current user groups as principals.
The following settings can be set to False:
cubicweb.auth.update_login_time
. Activate the policy that update the user login_time when remember is called.cubicweb.auth.authtkt
and all its subvalues.cubicweb.auth.groups_principals
Additionnal policies can be added by accessing the MultiAuthenticationPolicy instance in the registry:
mypolicy = SomePolicy()
authpolicy = config.registry['cubicweb.authpolicy']
authpolicy._policies.append(mypolicy)