Authentication: Difference between revisions
| Line 44: | Line 44: | ||
_auth_providers = hook_runall("auth_provider") |
_auth_providers = hook_runall("auth_provider") |
||
def get_response(function(*args)): |
|||
for p in _auth_providers: |
|||
response = p.function(*args) |
|||
class AuthUserInterface(object): |
|||
def check_login(self, user, password): |
def check_login(self, user, password): |
||
response = get_response(check_login(user, password) |
|||
if response: |
|||
return response |
|||
return res |
|||
raise NotImplementedError</nowiki> |
raise NotImplementedError</nowiki> |
||
Revision as of 19:25, 2 May 2013
Designing Authentication API
To make our auth(entication) system more modular, we're likely going to have some sort of interface style API for it. This page is to design it.
Auth Plugin Design Pros/Cons
Interfacey Design w/o hooks:
Using an interface design similar to the Base Class design below. Calls would be added to _auth_providers list in the dummy class when setup_plugin is run. Each function in the dummy class would run through the _auth_providers list and return the response from the corresponding function from the last plugin in _auth_providers list.
Ex:
auth/__init__.py:
_auth_providers = []
def add_auth_provider(provider):
_auth_providers.append(provider)
class AuthUserInterface(object):
def check_login(self, user, password):
for p in _auth_providers:
res = p.check_login(user, password)
if res:
return res
raise NotImplementedError
auth_plugin/__init__.py:
def setup_plugin():
add_auth_provider(AuthPluginInterface())
Pros
Cons
- basically be duplicating the code for hook_handle
Interfacey Design w/ hooks:
Using an interface design similar to the Base Class design below and using hooks to register the auth_plugin interface.
Ex:
auth/__init__.py:
def setup_auth():
global _auth_providers
_auth_providers = hook_runall("auth_provider")
def get_response(function(*args)):
for p in _auth_providers:
response = p.function(*args)
class AuthUserInterface(object):
def check_login(self, user, password):
response = get_response(check_login(user, password)
if response:
return response
raise NotImplementedError
auth_plugin/__init__.py:
hooks = {"auth_provider": AuthUserInterface()}
Pros
Cons
- would basically be duplicating the code for hook_handle
Non-Interfacey Design w/ hooks for every call:
This design would have a plugin "template" in auth/__init__.py similar to the Interfacey designs, except that it would use hook_handle() for each function.
Ex.
auth/__init__.py:
def check_login(user, Password):
return hook_handle("auth_check_login", user, password)
auth_plugin/__init__.py:
hooks = {"auth_check_login": check_login
Pros
- Simpler to implement
Cons
__init__.py Base Class
- This is a brainstorm of some of the functions and variables that the base class should include.***
basic_auth = False # Will be used to render to correct forms if using both basic_auth and openid/persona
login_form = # Plugin LoginForm class
registration_form = # Plugin RegistrationForm class
class UserAuthInterface(object):
deg _raise_not_implemented(self):
# Will raise a warning if some component of this interface isn't implemented by an Auth plugin
def check_login(self, user, password):
return False
def get_user(self, *args):
# Will query database and will return a User() object
def create_user(self, *args):
# Will create a new user and save to the db.
# Will return User() object
def extra_validation(self, register_form, *args):
# Will query the db and add error messages to register_form if any.
# return true if able to create new user
def get_user_metadata(self, user):
# Return a nice object with metadata from auth provider. Used to pre-fill registration forms