factored A WSGI app that allows you to add another factor of authentication to any application server
Download

factored Ranking & Summary

factored Tags

server authentication WSGI WSGI application server authentication WSGI app

factored Description

factored is a WSGI application that forces authentication before is passed to the wsgi application.This can also be used as a proxy for non-wsgi apps.Installusing virtualenv:virtualenv factoredcd factoredgit clone git://github.com/vangheem/factored.gitcd factored../bin/python setup.py develop../bin/initializedb develop.ini../bin/adduser develop.ini --username=john@foo.bar../bin/paster serve develop.ini../bin/removeuser develop.ini --username=john@foo.barConfigurationMust follow the example develop.ini provided. You'll probably want to copy that file into your own and change the settings.Edit server and port settings for application server if not using with another wsgi application.Paste configuration optionsappname Appened to google auth keys so it doesn't overwrite others.auth_tkt. prefixed options Configuration options that are passed directly into repoze.who's auth_tkt plugin.auth_timeout The amount of time in seconds a normal authentication session is valid for.auth_remember_timeout The amount of time in seconds the authentication seesion is valid for when the user clicks "remember me."base_auth_url Base url all authentication urls and resources are based off of. Useful if you're only looking to authenticate a portion of a site.supported_auth_schemes Supported authentication schemes.email_auth_window If using email authentication, the window of time the user has to enter correct code in.email_auth.subject Email authencation subject used.email_auth.sender Email authentication from address.email_auth.body Email Authentication text body. {code} will be replaced with the code.pyramid. prefixed options Configuration passed directly into pyramid configuration.sqlalchemy.url Connection string for sql backend. Most configurations will work fine with normal sqlite.mail. prefixed options Configuration passed directly to the mailer plugin. Options can be found at http://packages.python.org/pyramid_mailer/#configurationautouserfinder Specify a plugin that will automatically find users for the system to allow authentication for. Pre-packaged plugins include SQL and Email Domain.allowgooglecodereminder (true|false) value defaulting to false that allows the user, if the username is an email, to get a reminder of their code sent to them.allowgooglecodereminder.subject If using allowing code reminders, the email subject of reminderallowgooglecodereminder.sender If using allowing code reminders, the email from address of reminderallowgooglecodereminder.body If using allowing code reminders, the email body of reminderautouserfinder SQL configuration optionsautouserfinder.connection_string sqlalchemy connection string to connection to the database.autouserfinder.table_name Name of the table to lookup users in.autouserfinder.email_field Name of the field to find the usernames(could be username or email field).autouserfinder Email Domain configuration optionsautouserfinder.valid_domains List of valid domains to automatically create users for.Nginx Example ConfigurationAn example setup with nginx and load balancing:server { listen 80; server_name www.test.com; include proxy.conf; # paths to protect location ~ ^/admin.* { proxy_pass http://127.0.0.1:8000; } location / { proxy_pass http://app; }}server { listen 8090; include proxy.conf; location / { proxy_pass http://app; }}Then factored would be configured to run on port 8000 and proxy to 8090 and have base_auth_url url set to /admin/auth.Sample Paste ConfigurationAn example to follow if you're not using a git checkout:use = egg:factored#simpleproxyserver = 127.0.0.1port = 8090use = egg:factored#mainnext = proxyappname = REPLACEMEauth_tkt.secret = REPLACEMEauth_tkt.cookie_name = factoredauth_tkt.secure = falseauth_tkt.include_ip = trueauth_timeout = 7200auth_remember_timeout = 604800base_auth_url = /authsupported_auth_schemes = Google Auth Emailemail_auth_window = 120# in secondsemail_auth.subject = Authentication Requestemail_auth.sender = foo@bar.comemail_auth.body = You have requested authentication. Your temporary access code is: {code}autouserfinder = SQLautouserfinder.table_name = usersautouserfinder.email_field = emailautouserfinder.connection_string = sqlite:///%(here)s/users.dballowgooglecodereminder = trueallowgooglecodereminder.subject = Authentication code reminderallowgooglecodereminder.sender = foo@bar.comallowgooglecodereminder.body = You have requested code reminder. Your google auth code url is: {code}pyramid.reload_templates = truepyramid.debug_authorization = truepyramid.debug_notfound = truepyramid.debug_routematch = truepyramid.default_locale_name = enpyramid.includes = pyramid_tm pyramid_mailersqlalchemy.url = sqlite:///%(here)s/test.db# all mail settings can be found at http://packages.python.org/pyramid_mailer/#configurationmail.host = localhostmail.port = 25use = egg:Paste#http# Change to 0.0.0.0 to make public:host = 127.0.0.1port = 8000With GunicornInstall:../bin/easy_install gunicornto run:../bin/gunicorn_paste --workers=2 develop.iniProduct's homepage

factored Related Software