Security
Aurelie JAMBON edited this page Dec 6, 2019 · 3 revisions
In EcoRelevé, security is handled by a security object that implements Pyramid's IAuthenticationPolicy interface, so that it follows Pyramid's authentication mechanism. The policy expects to read a cookie containing a JSON Web Token (JWT) that carries the connected user's role information.
- When a request is received, the first step is to check for the presence of a valid cookie using the unauthenticated_userid method, which then returns the cookie's content.
- Next, the authenticated_userid method verifies the cookie's content by comparing it with the information in the database at the time of the request.
- Depending on the requested action (read, create, update, delete), Pyramid compares the roles returned by the effective_principals function with the roles required to perform that action. If the roles match, the request can attempt the action (subject to any other constraints).
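
The three steps above as a standalone sketch, added here as an illustration and not taken from EcoRelevé's code base. It uses only the Python standard library instead of Pyramid itself; the cookie name, the HS256 secret, the claim names (`sub`, `roles`, `exp`) and the in-memory `USERS_DB` are assumptions, and `request` is any object exposing a `cookies` mapping.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"      # assumption: HS256 signing secret
COOKIE = "auth_token"                    # assumption: hypothetical cookie name
USERS_DB = {"7": {"roles": ["reader"]}}  # constructed stand-in for the database

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims, secret=SECRET):
    """Issue a signed token, as a login service would before setting the cookie."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

class JWTCookiePolicy:
    """Same three method names as Pyramid's IAuthenticationPolicy."""
    def unauthenticated_userid(self, request):
        # Step 1: cookie present, algorithm pinned, signature and expiry valid.
        try:
            head, body, sig = request.cookies[COOKIE].split(".")
            if json.loads(_b64d(head)).get("alg") != "HS256":
                return None              # refuse "none" or a swapped algorithm
            good = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
            if not hmac.compare_digest(good, _b64d(sig)):
                return None
            claims = json.loads(_b64d(body))
            return claims if claims.get("exp", 0) > time.time() else None
        except (KeyError, ValueError, AttributeError, TypeError):
            return None

    def authenticated_userid(self, request):
        # Step 2: the claims must still match the database at request time.
        claims = self.unauthenticated_userid(request)
        user = USERS_DB.get(claims.get("sub")) if claims else None
        if user is None or sorted(user["roles"]) != sorted(claims.get("roles", [])):
            return None
        return claims["sub"]

    def effective_principals(self, request):
        # Step 3: principals that Pyramid compares with the view's required roles.
        userid = self.authenticated_userid(request)
        if userid is None:
            return ["system.Everyone"]
        roles = [f"role:{r}" for r in USERS_DB[userid]["roles"]]
        return ["system.Everyone", "system.Authenticated", *roles]
```

A token whose signature is valid but whose roles no longer match the database passes step 1 and is rejected at step 2, so a role change in the database takes effect before the token expires.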