Modules¶
wheezy.security¶
Demand the user accessing protected resource is authenticated and optionally in one of allowed
roles
.Requires wrapped object to provide attribute principal.
roles
- a list of authorized roles.Here is an example:
from wheezy.security.principal import Principal class Context(object): principal = None @authorized def op_a(self): return True @authorized(roles=('operator',)) def op_b(self): return True
wheezy.security.authorization¶
authorization
module.
Demand the user accessing protected resource is authenticated and optionally in one of allowed
roles
.Requires wrapped object to provide attribute principal.
roles
- a list of authorized roles.Here is an example:
from wheezy.security.principal import Principal class Context(object): principal = None @authorized def op_a(self): return True @authorized(roles=('operator',)) def op_b(self): return True
wheezy.security.errors¶
errors
module.
wheezy.security.principal¶
principal
module.
wheezy.security.crypto¶
crypto
package.
-
class
wheezy.security.crypto.
Ticket
(max_age=900, salt='', digestmod=None, cypher=None, options=None)[source]¶ Protects sensitive information (e.g. user id).
Default policy applies verification and encryption. Verification is provided by
hmac
initialized withsha1
digestmod. Encryption is provided if available, by default it attempts to use AES cypher.
wheezy.security.crypto.ticket¶
crypto
module.
-
class
wheezy.security.crypto.ticket.
Ticket
(max_age=900, salt='', digestmod=None, cypher=None, options=None)[source]¶ Protects sensitive information (e.g. user id).
Default policy applies verification and encryption. Verification is provided by
hmac
initialized withsha1
digestmod. Encryption is provided if available, by default it attempts to use AES cypher.
wheezy.security.crypto.padding¶
padding
module.
see http://www.di-mgt.com.au/cryptopad.html
-
wheezy.security.crypto.padding.
pad
(s, block_size)[source]¶ Pad with zeros except make the last byte equal to the number of padding bytes.
The convention with this method is usually always to add a padding string, even if the original plaintext was already an exact multiple of block_size bytes.
s
- byte string.