LaunchKey Pyramid

LaunchKey-Pyramid on GitHub.

For using LaunchKey authentication with the Pyramid web framework.

Description

LaunchKey-Pyramid uses LaunchKey's Python SDK as well as built in session management to provide authentication for Pyramid applications.

Installation

$ easy_install launchkey-pyramid

or

$ pip install launchkey-pyramid

Usage

App __init__.py Configuration

from pyramid.session import UnencryptedCookieSessionFactoryConfig

# Note that sessions are necessary for launchkey-pyramid.
# This factory signs the session cookie but does not encrypt it, so the client
# can read the session contents. Replace 'secret_session_key' with your own secret.
session_factory = UnencryptedCookieSessionFactoryConfig('secret_session_key')
config.set_session_factory(session_factory)

config.include('pyramid_launchkey')
config.launchkey_setup(
    app_key='1234567890',
    secret_key='abcdefghijklmnopqrstuvwxyz123456',
    private_key_path='/path/to/private_key.key'
)

Sessions must be used and pyramid_launchkey should be set up.
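The values in the configuration above are samples. As an added example (not part of launchkey-pyramid), the loader below reads the real values from the environment, rejects the sample values, and refuses a private key file that group or other users can access. The environment variable names and the 32-character minimum for the session secret are assumptions made for this example.

```python
import os
import stat

# Hypothetical environment variable names (not defined by launchkey-pyramid).
ENV_VARS = {
    "app_key": "LAUNCHKEY_APP_KEY",
    "secret_key": "LAUNCHKEY_SECRET_KEY",
    "private_key_path": "LAUNCHKEY_PRIVATE_KEY_PATH",
}
SESSION_SECRET_VAR = "SESSION_SECRET"
# The sample values shown in the configuration above; never valid in production.
PLACEHOLDERS = frozenset([
    "1234567890", "abcdefghijklmnopqrstuvwxyz123456",
    "/path/to/private_key.key", "secret_session_key",
])


class ConfigError(Exception):
    """Raised when a credential is missing, a sample value, or badly protected."""


def _require(environ, var, min_len=1):
    value = environ.get(var, "").strip()
    if not value:
        raise ConfigError("%s is not set" % var)
    if value in PLACEHOLDERS:
        raise ConfigError("%s still holds the sample value" % var)
    if len(value) < min_len:
        raise ConfigError("%s is shorter than %d characters" % (var, min_len))
    return value


def check_private_key(path):
    """Reject a key that is missing, not a regular file, or group/world accessible."""
    try:
        mode = os.stat(path).st_mode
    except OSError as exc:
        raise ConfigError("cannot read private key: %s" % exc)
    if not stat.S_ISREG(mode):
        raise ConfigError("%s is not a regular file" % path)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise ConfigError("%s is accessible to group or others (chmod 600)" % path)


def load_settings(environ=os.environ):
    """Return (session_secret, kwargs for config.launchkey_setup)."""
    kwargs = dict((k, _require(environ, v)) for k, v in ENV_VARS.items())
    check_private_key(kwargs["private_key_path"])
    return _require(environ, SESSION_SECRET_VAR, min_len=32), kwargs
```

The returned secret goes to the session factory and the dictionary to config.launchkey_setup(**kwargs), so a misconfigured deployment fails at startup instead of running with the sample keys.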

Using LaunchKey Authentication in Views

Initial configuration

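from pyramid.httpexceptions import HTTPFound
from pyramid.security import authenticated_userid, forget, remember
from pyramid.view import view_config
# get_launchkey_manager is provided by launchkey-pyramid; its import is not shown here

class MyAppViews(object):
    def __init__(self, request):
        self.request = request
        self.logged_in = authenticated_userid(request)
        self.launchkey = get_launchkey_manager(self.request)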

Using transactions, sessions, or both

If you want to use both transactions and sessions, it is recommended to use two separate managers. This is done to prevent session requests and auth requests from being lost when a transaction is called, which would otherwise make clearing impossible from inside the app. Manager designation is done through the id parameter, which can be anything as long as it is unique.

class MyAppViews(object):
    def __init__(self, request):
        self.request = request
        self.logged_in = authenticated_userid(request)
        self.launchkey_session_manager = get_launchkey_manager(self.request, id='sessions')
        self.launchkey_transaction_manager = get_launchkey_manager(self.request, id='transactions', use_session=False)

A series of callback URLs is necessary, one for each authentication step. Generally these would be JSON-based API calls.

Example implementation is below:

Initial authorize step to initiate the process.

@view_config(route_name='_authorize', renderer='json')
def auth_user(self):
    auth_request = None
    if 'username' in self.request.POST:
        # Retrieve form input
        username = self.request.POST['username']
        # Generate an auth request
        auth_request = self.launchkey.authorize(username)
    # The returned value is a boolean based on the success of the request
    return {'response': auth_request}

Polling to see if the user has responded to an auth request.

@view_config(route_name='_poll', renderer='json')
def response_poll(self):
    # Check for a user response to login request
    poll_response = self.launchkey.poll_request()
    # The returned value is a boolean based on whether the user has responded yet
    return {'response': poll_response}

Once the user has launched, verify that they are authorized. Then log them in.

@view_config(route_name='_isauthorized', renderer='json')
def is_authorized(self):
    # Check if the user is authorized
    auth_response = self.launchkey.is_authorized()
    if auth_response:
        # User has been authorized, so log them in
        headers = remember(self.request, self.launchkey.username, max_age='86400')
        return HTTPFound('/_verify_login', headers=headers)
    # If this value is returned it will be False or None, which means the user is not authorized
    return {'response': auth_response}

Verify that the user is logged into Pyramid (Not required but it was used as a redirect for establishing a login session).

@view_config(route_name='_verify_login', renderer='json')
def verify_login(self):
    # Check if the user has been logged in successfully
    return {'response': isinstance(self.logged_in, unicode)}

Logging the user out.

@view_config(route_name='_deauth', renderer='json')
def deauth_user(self):
    # clear from LaunchKey
    success = self.launchkey.logout()
    if success:
        # Deauth from Pyramid
        headers = forget(self.request)
        return HTTPFound('/_verify_login', headers=headers)
    else:
        return {'response': success}

Tests

$ python setup.py test

User Contributed

LaunchKey links to user contributed code as a resource to its community. LaunchKey does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to LaunchKey immediately and we will investigate the claim. Submit any issue to LaunchKey support at https://launchkey.com./support.