zope.authentication¶
This package provides a definition of authentication concepts for use in Zope Framework. This includes:
IAuthenticationIUnauthenticatedPrincipalILogout
Documentation is hosted at https://zopeauthentication.readthedocs.io/en/latest/
Contents:
Logout Support¶
Logout support is defined by a simple interface
zope.authentication.interfaces.ILogout:
>>> from zope.authentication.interfaces import ILogout
that has a single ‘logout’ method.
The current use of ILogout is to adapt an
zope.authentication.interfaces.IAuthentication instance to
ILogout. To illustrate, we’ll create a simple logout implementation that
adapts IAuthentication:
>>> from zope.component import adapter, provideAdapter
>>> from zope.interface import implementer
>>> from zope.authentication.interfaces import IAuthentication
>>> @adapter(IAuthentication)
... @implementer(ILogout)
... class SimpleLogout(object):
...
... def __init__(self, auth):
... pass
...
... def logout(self, request):
... print('User has logged out')
>>> provideAdapter(SimpleLogout)
and something to represent an authentication utility:
>>> @implementer(IAuthentication)
... class Authentication(object):
... pass
>>> auth = Authentication()
To perform a logout, we adapt auth to ILogout and call ‘logout’:
>>> logout = ILogout(auth)
>>> request = object()
>>> logout.logout(request)
User has logged out
The ‘NoLogout’ Adapter¶
The zope.authentication.logout.NoLogout class can be registered as
a fallback provider of ILogout for IAuthentication components that
are not otherwise adaptable to ILogout. NoLogout’s logout method
is a no-op.
>>> from zope.authentication.logout import NoLogout
>>> NoLogout(auth).logout(request)
Logout User Interface¶
Because some authentication protocols do not formally support logout, it may not be possible for a user to logout once he or she has logged in. In such cases, it would be inappropriate to present a user interface for logging out.
Because logout support is site-configurable, Zope provides an adapter that, when registered, indicates that the site is configured for logout. This class merely serves as a flag as it implements ILogoutSupported:
>>> from zope.authentication.logout import LogoutSupported
>>> from zope.authentication.interfaces import ILogoutSupported
>>> ILogoutSupported.implementedBy(LogoutSupported)
True
>>> ILogoutSupported.providedBy(LogoutSupported(request))
True
Principal Terms¶
Principal Terms are used to support browser interfaces for searching principal sources. They provide access to tokens and titles for values. The principal terms view uses an authentication utility to get principal titles. Let’s create an authentication utility to demonstrate how this works:
>>> class Principal(object):
... def __init__(self, id, title):
... self.id, self.title = id, title
>>> from zope.interface import implementer
>>> from zope.authentication.interfaces import IAuthentication
>>> from zope.authentication.interfaces import PrincipalLookupError
>>> @implementer(IAuthentication)
... class AuthUtility:
... data = {'jim': 'Jim Fulton', 'stephan': 'Stephan Richter'}
...
... def getPrincipal(self, id):
... title = self.data.get(id)
... if title is not None:
... return Principal(id, title)
... raise PrincipalLookupError
Now we need to install the authentication utility:
>>> from zope.component import provideUtility
>>> provideUtility(AuthUtility(), IAuthentication)
We need a principal source so that we can create a view from it.
>>> from zope.component import getUtility
>>> class PrincipalSource(object):
... def __contains__(self, id):
... auth = getUtility(IAuthentication)
... try:
... auth.getPrincipal(id)
... except PrincipalLookupError:
... return False
... else:
... return True
Now we can create an terms view and ask the terms view for terms:
>>> from zope.authentication.principal import PrincipalTerms
>>> terms = PrincipalTerms(PrincipalSource(), None)
>>> term = terms.getTerm('stephan')
>>> term.title
'Stephan Richter'
>>> term.token
u'c3RlcGhhbg__'
If we ask for a term that does not exist, we get a lookup error:
>>> terms.getTerm('bob')
Traceback (most recent call last):
...
LookupError: bob
If we have a token, we can get the principal id for it.
>>> terms.getValue('c3RlcGhhbg__')
u'stephan'
Changes¶
5.1 (unreleased)¶
- Nothing changed yet.
5.0 (2023-01-06)¶
- Add support for Python 3.10, 3.11.
- Drop support for Python 2.7, 3.5, 3.6.
4.5.0 (2021-03-19)¶
- Add support for Python 3.8 and 3.9.
- Drop support for Python 3.4.
- Fix deprecated test imports from zope.component to use the correct imports from zope.interface.
4.4.0 (2018-08-24)¶
- Host documentation at https://zopeauthentication.readthedocs.io
- Add support for Python 3.7.
- Drop support for Python 3.3.
- Drop support for
python setup.py test.
4.3.0 (2017-05-11)¶
- Add support for Python 3.5 and 3.6.
- Drop support for Python 2.6 and 3.2.
4.2.1 (2015-06-05)¶
- Add support for PyPy3 and Python 3.2.
4.2.0 (2014-12-26)¶
- Add support for PyPy. PyPy3 support is blocked on a release of a fix for: https://bitbucket.org/pypy/pypy/issue/1946
- Add support for Python 3.4.
- Add support for testing on Travis.
4.1.0 (2013-02-21)¶
- Add support for Python 3.3.
- Add
tox.iniandMANIFEST.in.
4.0.0 (2012-07-04)¶
Break inappropriate testing dependency on
zope.component.nextutility.(Forward-compatibility with
zope.component4.0.0).Replace deprecated
zope.component.adaptsusage with equivalentzope.component.adapterdecorator.Replace deprecated
zope.interface.implementsusage with equivalentzope.interface.implementerdecorator.Drop support for Python 2.4 and 2.5.
3.7.1 (2010-04-30)¶
- Remove undeclared testing dependency on
zope.testing.
3.7.0 (2009-03-14)¶
Initial release. This package was split off from zope.app.security to
provide a separate common interface definition for authentication utilities
without extra dependencies.
Project URLs¶
- https://pypi.python.org/pypi/zope.authentication (PyPI entry and downloads)