websauna.system.auth.policy module

class websauna.system.auth.policy.SessionAuthenticationPolicy(prefix='auth.', callback=None, debug=False)[source]

Bases: pyramid.authentication.SessionAuthenticationPolicy

Session authentication policy which makes sure all responses get vary: Cookie.

Originally from https://github.com/pypa/warehouse/blob/master/warehouse/accounts/auth_policy.py

authenticated_at_key = 'authenticated_at'

Session has this key set to the timestamp when the user authentication happened. The key is removed when the user logs out.

forget(request)[source]

User logs out or is forced to be forgotten.

remember(request, userid, **kw)[source]

Store a userid in the session.

unauthenticated_at_key = 'unauthenticated_at'

This is the timestamp when this session logged out last time

unauthenticated_userid(request)[source]

What is the user id for unauthenticated users.