Metadata-Version: 1.1
Name: pyramid_ipauth
Version: 0.3.3
Summary: pyramid_ipauth
Home-page: https://github.com/mozilla-services/pyramid_ipauth
Author: Mozilla Services
Author-email: services-dev@mozilla.org
License: UNKNOWN
Description: ==============
        pyramid_ipauth
        ==============
        
        An authentication policy for Pyramid that sets identity and effective
        principals based on the remote IP address of the request.
        
        
        Overview
        ========
        
        To perform IP-address-based authentication, create an IPAuthenticationPolicy
        and specify the target IP range, userid and effective principals.  Then set it
        as the authentication policy in your configurator::
        
            authn_policy = IPAuthenticationPolicy("127.0.*.*", "myuser", ["locals"])
            config.set_authentication_policy(authn_policy)
        
        This will cause all requests from IP addresses in the 127.0.*.* range to be
        authenticated as user "myuser" and have the effective principal "locals".
        
        It is also possible to specify the configuration options in your deployment
        file::
        
            [app:pyramidapp]
            use = egg:mypyramidapp
        
            ipauth.ipaddrs = 127.0.0.* 127.0.1.*
            ipauth.principals = locals
        
        You can then simply include the pyramid_ipauth package into your configurator::
        
            config.include("pyramid_ipauth")
        
        It will detect the ipauth settings and construct an appropriate policy.
        
        Note that this package only supports matching against a single set of IP
        addresss.  If you need to assign different credentials to different sets
        of IP addresses, you can use the pyramid_multiauth package in conjunction
        with pyramid_ipauth:
        
            http://github.com/mozilla-services/pyramid_multiauth
        
        If you don't want to hard-code the userid or principals at configuration time,
        you may specify a "get_userid" and/or "get_principals" callback instead.
        
        
        Specifying IP Addresses
        =======================
        
        IP addresses can be specified in a variety of forms, including:
        
            * "all":        all possible IPv4 and IPv6 addresses
            * "local":      all local addresses of the machine
            * "A.B.C.D"     a single IP address
            * "A.B.C.D/N"   a network address specification
            * "A.B.C.*"     a glob matching against all possible numbers
            * "A.B.C.D-E"   a glob matching against a range of numbers
            * a whitespace- or comma-separated string of any of the above
            * a netaddr IPAddress, IPRange, IPGlob, IPNetork of IPSet object
            * a list, tuple or iterable of any of the above
        
        
        Proxies
        =======
        
        This module does not respect the X-Forwarded-For header by default, since it
        can be spoofed easily by malicious clients.  If your server is behind a 
        trusted proxy that sets the X-Forwarded-For header, you should explicitly
        declare the set of trusted proxies like so::
        
            IPAuthenticationPolicy("127.0.*.*",
                                   principals=["local"],
                                   proxies = "127.0.0.1")
        
        The set of trusted proxy addresses can be specified using the same syntax as
        the set of IP addresses to authenticate.
        
        
        0.3.3 - 2017-02-02
        ==================
        
        - Fix splitting ipset strings on whitespace; thanks @kaleposhobios
        
        0.3.2 - 2017-01-22
        ==================
        
        - Resolve some warnings and clean up some tests; thanks Scott Searcy
        
        0.3.1 - 2016-03-18
        ==================
        
        - Fixes for python3 compatibility
        
        0.3.0 - 2016-03-18
        ==================
        
        - Add support for python3
        
        
        0.2.0 - 2013-10-14
        ==================
        
        - Add get_userid and get_principals callback functions; thanks mrijken
        - Convert principals into a list if necessary; thanks janakj
        
        
        0.1.1 - 2012-01-30
        ==================
        
        - Update license to MPL 2.0
        
        
        0.1.0 - 2011-11-11
        ==================
        
        - Initial release
        
Keywords: web pyramid pylons authentication
Platform: UNKNOWN
Classifier: Programming Language :: Python
Classifier: Framework :: Pylons
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3.1
Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
