-
Notifications
You must be signed in to change notification settings - Fork 421
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate authn/authz to security policies of Pyramid 2 #2897
Comments
Yes, pyramid official docs recommended did it in this way. But in my projects i still stuck with old api :) Also Maybe it make sense replace |
@slav0nic was suggesting to look at hypothesis/h#6595 |
In Pyramid 2, the concepts of authentication and authorization was replaced by a single one: security policies. The concept of principals was replaced with the concept of identity.
Kinto continues to work thanks to this backward compatibility layer
LegacySecurityPolicy
.In Kinto, the authorization is implemented in core, and the authentication via plugins.
In order to support the new system, Kinto would have to setup a single security policy, whose authorization part would be similar to what we currently have, and the authentication part from
pyramid-multiauth
could be rewritten as a helper (composition pattern)./cc @slav0nic
The text was updated successfully, but these errors were encountered: