sentry.auth.base – sentry.auth.base module reference

class sentry.auth.base.AlwaysAuth

Bases: sentry.auth.base.BaseAuth Authentication object that always succeeds.

>>> a = AlwaysAuth()
>>> a.authenticate("test", "test")
True

authenticate(username, password)

class sentry.auth.base.AnyAuth(*children)

Bases: sentry.auth.base.BaseAuth Combine multiple authentication objects, so that any one must succeed for this object to succeed. (logical OR)

>>> a1 = AlwaysAuth()
>>> a2 = NeverAuth()
>>> c = AnyAuth(a1, a2)
>>> c.authenticate("test", "test")
True

>>> a3 = NeverAuth()
>>> c = CombineAuth(a2, a3)
>>> c.authenticate("test", "test")
False

authenticate(username, password)

class sentry.auth.base.AuthenticationResponse(valid, reason=None, data={})

Bases: object An object representing whether or not authentication succeded. Extra data can be stored in the data attribute, which is then available to callers. Possible uses for this would be to return a uid for the given username, group memberships, or special privileges.

The reason attribute could be set explaining why authentication failed. Create an AuthenticationResponse object.

valid must be a boolean, or something that can be treated as a truth value, as this is used by the __nonzero__ method to determine if this AuthenticationResponse object is valid or not.

class sentry.auth.base.BaseAuth

Bases: object The base authentication class.

Subclasses must provide an authenticate method which takes a username and password and returns an AuthenticationResponse object.

subclasses may a getAuthInfo method to return the specified user’s password. Hopefully it’s salted and hashed.

authenticate(username, password)

Returns an AuthenticationResponse object for the given username/ password.

Must be implemented by a subclass.

getAuthInfo(username)

subclasses may implement this to return the specified user’s password. Hopefully it’s salted and hashed.

class sentry.auth.base.ChooseAuth(mapper, **children)

Bases: sentry.auth.base.BaseAuth Choose an authentication object based on the username.

mapper is a function that returns the name of one of the authentication objects in **children for a given username

**children is a mapping of authentication names to authentication objects

>>> a1 = AlwaysAuth()
>>> a2 = NeverAuth()

>>> mapping = {"test": "always", "test2": "never"}
>>> c = ChooseAuth(lambda u: mapping.get(u), always=a1, never=a2)

>>> c.authenticate("test", "test")
True

>>> c.authenticate("test2", "test")
False

authenticate(username, password)

class sentry.auth.base.CombineAuth(*children)

Bases: sentry.auth.base.BaseAuth Combine multiple authentication objects, so that all must succeed for this object to succeed. (logical AND)

>>> a1 = AlwaysAuth()
>>> a2 = AlwaysAuth()
>>> c = CombineAuth(a1, a2)
>>> c.authenticate("test", "test")
True

>>> a3 = NeverAuth()
>>> c = CombineAuth(a1, a2, a3)
>>> c.authenticate("test", "test")
False

authenticate(username, password)

class sentry.auth.base.NeverAuth

Bases: sentry.auth.base.BaseAuth Authentication object that never succeeds.

>>> a = NeverAuth()
>>> a.authenticate("test", "test")
False

authenticate(username, password)

class sentry.auth.base.NotAuth(child)

Bases: sentry.auth.base.BaseAuth Authentication object that reverses the validity of the child authentication object.

>>> a = NotAuth(AlwaysAuth())
>>> a.authenticate("test", "test")
False

>>> a = NotAuth(NeverAuth())
>>> a.authenticate("test", "test")
True

authenticate(username, password)

sentry.auth.base.simpleauth(f)

A simple decorator for when your authenticate method just returns True or False.