EVOLUTION-MANAGER
Edit File: faswho.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>FASWho Plugin — python-fedora 0.10.0 documentation</title> <link rel="stylesheet" href="_static/default.css" type="text/css" /> <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT: '', VERSION: '0.10.0', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="_static/jquery.js"></script> <script type="text/javascript" src="_static/underscore.js"></script> <script type="text/javascript" src="_static/doctools.js"></script> <link rel="search" type="application/opensearchdescription+xml" title="Search within python-fedora 0.10.0 documentation" href="_static/opensearch.xml"/> <link rel="top" title="python-fedora 0.10.0 documentation" href="index.html" /> <link rel="up" title="Authentication to FAS" href="auth.html" /> <link rel="next" title="JavaScript" href="javascript.html" /> <link rel="prev" title="FAS Flask OpenID Auth Plugin" href="flask_fas_openid.html" /> </head> <body> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="genindex.html" title="General Index" accesskey="I">index</a></li> <li class="right" > <a href="py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="javascript.html" title="JavaScript" accesskey="N">next</a> |</li> <li class="right" > <a href="flask_fas_openid.html" title="FAS Flask OpenID Auth Plugin" accesskey="P">previous</a> |</li> <li><a href="index.html">python-fedora 0.10.0 documentation</a> »</li> <li><a href="auth.html" accesskey="U">Authentication to FAS</a> »</li> </ul> </div> <div class="document"> <div class="documentwrapper"> <div class="bodywrapper"> <div class="body"> <div class="section" id="faswho-plugin"> <h1>FASWho Plugin<a class="headerlink" href="#faswho-plugin" title="Permalink to this headline">¶</a></h1> <table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">Authors:</th><td class="field-body">Luke Macken Toshio Kuratomi</td> </tr> <tr class="field-even field"><th class="field-name">Date:</th><td class="field-body">3 September 2011</td> </tr> </tbody> </table> <p>This plugin provides authentication to the Fedora Account System using the <cite>repoze.who</cite> WSGI middleware. It is designed for use with <a class="reference internal" href="glossary.html#term-turbogears2"><em class="xref std std-term">TurboGears2</em></a> but it may be used with any <cite>repoze.who</cite> using application. Like <a class="reference internal" href="auth.html#jsonfas2"><em>TurboGears Identity Provider 2</em></a>, faswho has builtin <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> protection. This protection is implemented as a second piece of middleware and may be used with other <cite>repoze.who</cite> authentication schemes.</p> <div class="section" id="authenticating-against-fas-with-turbogears2"> <h2>Authenticating against FAS with TurboGears2<a class="headerlink" href="#authenticating-against-fas-with-turbogears2" title="Permalink to this headline">¶</a></h2> <p>Setting up authentication against FAS in <a class="reference internal" href="glossary.html#term-turbogears2"><em class="xref std std-term">TurboGears2</em></a> is very easy. It requires one change to be made to <tt class="file docutils literal"><span class="pre">app/config/app_cfg.py</span></tt>. This change will take care of registering faswho as the authentication provider, enabling <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> protection, switching <tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt> to use <tt class="xref py py-func docutils literal"><span class="pre">fedora.ta2g.utils.url()</span></tt> instead, and allowing the <cite>_csrf_token</cite> parameter to be given to any URL.</p> <dl class="function"> <dt id="fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware"> <tt class="descclassname">fedora.wsgi.faswho.faswhoplugin.</tt><tt class="descname">make_faswho_middleware</tt><big>(</big><em>app</em>, <em>log_stream=None</em>, <em>login_handler='/login_handler'</em>, <em>login_form_url='/login'</em>, <em>logout_handler='/logout_handler'</em>, <em>post_login_url='/post_login'</em>, <em>post_logout_url=None</em>, <em>fas_url='https://admin.fedoraproject.org/accounts/'</em>, <em>insecure=False</em>, <em>ssl_cookie=True</em>, <em>httponly=True</em><big>)</big><a class="headerlink" href="#fedora.wsgi.faswho.faswhoplugin.make_faswho_middleware" title="Permalink to this definition">¶</a></dt> <dd><table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple"> <li><strong>app</strong> – WSGI app that is being wrapped</li> <li><strong>log_stream</strong> – <tt class="xref py py-class docutils literal"><span class="pre">logging.Logger</span></tt> to log auth messages</li> <li><strong>login_handler</strong> – URL where the login form is submitted</li> <li><strong>login_form_url</strong> – URL where the login form is displayed</li> <li><strong>logout_handler</strong> – URL where the logout form is submitted</li> <li><strong>post_login_url</strong> – URL to redirect the user to after login</li> <li><strong>post_logout_url</strong> – URL to redirect the user to after logout</li> <li><strong>fas_url</strong> – Base URL to the FAS server</li> <li><strong>insecure</strong> – Allow connecting to a fas server without checking the server’s SSL certificate. Opens you up to MITM attacks but can be useful when testing. <em>Do not enable this in production</em></li> <li><strong>ssl_cookie</strong> – If <tt class="xref py py-data docutils literal"><span class="pre">True</span></tt> (default), tell the browser to only send the session cookie back over https.</li> <li><strong>httponly</strong> – If <tt class="xref py py-data docutils literal"><span class="pre">True</span></tt> (default), tell the browser that the session cookie should only be read for sending to a server, not for access by JavaScript or other clientside technology. This prevents using the session cookie to pass information to JavaScript clients but also prevents XSS attacks from stealing the session cookie information.</li> </ul> </td> </tr> </tbody> </table> </dd></dl> </div> <div class="section" id="using-csrf-middleware-with-other-auth-methods"> <h2>Using CSRF middleware with other Auth Methods<a class="headerlink" href="#using-csrf-middleware-with-other-auth-methods" title="Permalink to this headline">¶</a></h2> <p>This section needs to be made clearer so that apps like mirrormanager can be ported to use this.</p> <span class="target" id="module-fedora.wsgi.csrf"></span><p>Cross-site Request Forgery Protection.</p> <p><a class="reference external" href="http://en.wikipedia.org/wiki/Cross-site_request_forgery">http://en.wikipedia.org/wiki/Cross-site_request_forgery</a></p> <p><em>Module author: John (J5) Palmieri <<a class="reference external" href="mailto:johnp%40redhat.com">johnp<span>@</span>redhat<span>.</span>com</a>></em></p> <p><em>Module author: Luke Macken <<a class="reference external" href="mailto:lmacken%40redhat.com">lmacken<span>@</span>redhat<span>.</span>com</a>></em></p> <p class="versionadded"> <span class="versionmodified">New in version 0.3.17.</span></p> <dl class="class"> <dt id="fedora.wsgi.csrf.CSRFProtectionMiddleware"> <em class="property">class </em><tt class="descclassname">fedora.wsgi.csrf.</tt><tt class="descname">CSRFProtectionMiddleware</tt><big>(</big><em>application</em>, <em>csrf_token_id='_csrf_token'</em>, <em>clear_env='repoze.who.identity repoze.what.credentials'</em>, <em>token_env='CSRF_TOKEN'</em>, <em>auth_state='CSRF_AUTH_STATE'</em><big>)</big><a class="headerlink" href="#fedora.wsgi.csrf.CSRFProtectionMiddleware" title="Permalink to this definition">¶</a></dt> <dd><p>CSRF Protection WSGI Middleware.</p> <p>A layer of WSGI middleware that is responsible for making sure authenticated requests originated from the user inside of the app’s domain and not a malicious website.</p> <p>This middleware works with the <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> middleware, and requires that it is placed below <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> in the WSGI stack, since it relies upon <tt class="docutils literal"><span class="pre">repoze.who.identity</span></tt> to exist in the environ before it is called.</p> <p>To utilize this middleware, you can just add it to your WSGI stack below the <tt class="xref py py-mod docutils literal"><span class="pre">repoze.who</span></tt> middleware. Here is an example of utilizing the <cite>CSRFProtectionMiddleware</cite> within a TurboGears2 application. In your <tt class="docutils literal"><span class="pre">project/config/middleware.py</span></tt>, you would wrap your main application with the <cite>CSRFProtectionMiddleware</cite>, like so:</p> <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.wsgi.csrf</span> <span class="kn">import</span> <span class="n">CSRFProtectionMiddleware</span> <span class="k">def</span> <span class="nf">make_app</span><span class="p">(</span><span class="n">global_conf</span><span class="p">,</span> <span class="n">full_stack</span><span class="o">=</span><span class="bp">True</span><span class="p">,</span> <span class="o">**</span><span class="n">app_conf</span><span class="p">):</span> <span class="n">app</span> <span class="o">=</span> <span class="n">make_base_app</span><span class="p">(</span><span class="n">global_conf</span><span class="p">,</span> <span class="n">wrap_app</span><span class="o">=</span><span class="n">CSRFProtectionMiddleware</span><span class="p">,</span> <span class="n">full_stack</span><span class="o">=</span><span class="n">full_stack</span><span class="p">,</span> <span class="o">**</span><span class="n">app_conf</span><span class="p">)</span> </pre></div> </div> <p>You then need to add the CSRF token to every url that you need to be authenticated for. When used with TurboGears2, an overridden version of <tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt> is provided. You can use it directly by calling:</p> <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.tg2.utils</span> <span class="kn">import</span> <span class="n">url</span> <span class="p">[</span><span class="o">...</span><span class="p">]</span> <span class="n">url</span> <span class="o">=</span> <span class="n">url</span><span class="p">(</span><span class="s">'/authentication_needed'</span><span class="p">)</span> </pre></div> </div> <p>An easier and more portable way to use that is from within TG2 to set this up is to use <tt class="xref py py-func docutils literal"><span class="pre">fedora.tg2.utils.enable_csrf()</span></tt> when you setup your application. This function will monkeypatch TurboGears2’s <tt class="xref py py-func docutils literal"><span class="pre">tg.url()</span></tt> so that it adds a csrf token to urls. This way, you can keep the same code in your templates and controller methods whether or not you configure the CSRF middleware to provide you with protection via <tt class="xref py py-func docutils literal"><span class="pre">enable_csrf()</span></tt>.</p> </dd></dl> <dl class="class"> <dt id="fedora.wsgi.csrf.CSRFMetadataProvider"> <em class="property">class </em><tt class="descclassname">fedora.wsgi.csrf.</tt><tt class="descname">CSRFMetadataProvider</tt><big>(</big><em>csrf_token_id='_csrf_token'</em>, <em>session_cookie='tg-visit'</em>, <em>clear_env='repoze.who.identity repoze.what.credentials'</em>, <em>login_handler='/post_login'</em>, <em>token_env='CSRF_TOKEN'</em>, <em>auth_session_id='CSRF_AUTH_SESSION_ID'</em>, <em>auth_state='CSRF_AUTH_STATE'</em><big>)</big><a class="headerlink" href="#fedora.wsgi.csrf.CSRFMetadataProvider" title="Permalink to this definition">¶</a></dt> <dd><p>Repoze.who CSRF Metadata Provider Plugin.</p> <p>This metadata provider is called with an authenticated users identity automatically by repoze.who. It will then take the SHA1 hash of the users session cookie, and set it as the CSRF token in <tt class="docutils literal"><span class="pre">environ['repoze.who.identity']['_csrf_token']</span></tt>.</p> <p>This plugin will also set <tt class="docutils literal"><span class="pre">CSRF_AUTH_STATE</span></tt> in the environ if the user has just authenticated during this request.</p> <p>To enable this plugin in a TurboGears2 application, you can add the following to your <tt class="docutils literal"><span class="pre">project/config/app_cfg.py</span></tt></p> <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">fedora.wsgi.csrf</span> <span class="kn">import</span> <span class="n">CSRFMetadataProvider</span> <span class="n">base_config</span><span class="o">.</span><span class="n">sa_auth</span><span class="o">.</span><span class="n">mdproviders</span> <span class="o">=</span> <span class="p">[(</span><span class="s">'csrfmd'</span><span class="p">,</span> <span class="n">CSRFMetadataProvider</span><span class="p">())]</span> </pre></div> </div> <p>Note: If you use the faswho plugin, this is turned on automatically.</p> </dd></dl> </div> <div class="section" id="templates"> <h2>Templates<a class="headerlink" href="#templates" title="Permalink to this headline">¶</a></h2> <p>The <tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.utils</span></tt> module contains some templates to help you write <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> aware login forms and buttons. You can use the <tt class="xref py py-func docutils literal"><span class="pre">fedora_template()</span></tt> function to integrate them into your templates:</p> <p>The templates themselves come in two flavors. One set for use with mako and one set for use with genshi.</p> <div class="section" id="module-fedora.tg2.templates.mako"> <span id="mako"></span><h3>Mako<a class="headerlink" href="#module-fedora.tg2.templates.mako" title="Permalink to this headline">¶</a></h3> <p>Mako version of templates to make adding certain Fedora widgets easier.</p> <div class="section" id="module-fedora.tg2.templates.mako.login.mak"> <span id="fedora-tg2-templates-mako-login-mak"></span><h4><a class="reference internal" href="#module-fedora.tg2.templates.mako.login.mak" title="fedora.tg2.templates.mako.login.mak: Templates related to logging in and out."><tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.templates.mako.login.mak</span></tt></a><a class="headerlink" href="#module-fedora.tg2.templates.mako.login.mak" title="Permalink to this headline">¶</a></h4> <p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p> <p class="versionadded"> <span class="versionmodified">New in version 0.3.25.</span></p> <p>Include this using:</p> <div class="highlight-python"><pre><%namespace name="fedora" file="${context['fedora_template']('login.mak')}" /></pre> </div> <dl class="function"> <dt id="fedora.tg2.templates.mako.login.mak.loginform"> <tt class="descclassname">fedora.tg2.templates.mako.login.mak.</tt><tt class="descname">loginform</tt><big>(</big><em>message=''</em><big>)</big><a class="headerlink" href="#fedora.tg2.templates.mako.login.mak.loginform" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">kwarg message:</th><td class="field-body">Any text or elements contained by the <loginform> tag will be shown as a message to the user. This is generally used to show status of the last login attempt (“Please provide your credentials”, “Supplied credentials were not correct”, etc)</td> </tr> </tbody> </table> <p>A function for generating the main login form. This is a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> token-aware login form that will prompt for username and password when no session identity is present and ask the user to click a link if they merely lack a token.</p> <p>Typical usage, given the above import of the <tt class="file docutils literal"><span class="pre">login.mak</span></tt> template would be:</p> <div class="highlight-python"><pre>${fedora.loginform()}</pre> </div> <dl class="function"> <dt id="fedora.tg2.templates.mako.login.mak.logintoolitem"> <tt class="descclassname">fedora.tg2.templates.mako.login.mak.</tt><tt class="descname">logintoolitem</tt><big>(</big><em>href=None</em><big>)</big><a class="headerlink" href="#fedora.tg2.templates.mako.login.mak.logintoolitem" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">kwarg href:</th><td class="field-body">If an href is given, when a user is logged in, their username or display_name will be a link to the URL.</td> </tr> </tbody> </table> <p>This function creates an entry into a toolbar for logging into a web app. The entry will contain the user’s username and a logout button if the user is logged in, a verify login button if the user has a session cookie but not a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> token, or a login button if the user doesn’t have a session cookie.</p> <p>Typical usage looks like this:</p> <div class="highlight-python"><pre><ul class="toolbar" id="#main-toolbar"> ${fedora.logintoolitem(href=tg.url('/users/info'))} </ul></pre> </div> </div> <div class="section" id="module-fedora.tg2.templates.mako.jsglobals.mak"> <span id="fedora-tg2-templates-mako-jsglobals-mak"></span><h4><a class="reference internal" href="#module-fedora.tg2.templates.mako.jsglobals.mak" title="fedora.tg2.templates.mako.jsglobals.mak: Templates to get information into javascript"><tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.templates.mako.jsglobals.mak</span></tt></a><a class="headerlink" href="#module-fedora.tg2.templates.mako.jsglobals.mak" title="Permalink to this headline">¶</a></h4> <p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p> <p class="versionadded"> <span class="versionmodified">New in version 0.3.25.</span></p> <p>Include this using:</p> <div class="highlight-python"><pre><%namespace name="jsglobals" file="${context['fedora_template']('jsglobals.mak')}" /></pre> </div> <dl class="function"> <dt id="fedora.tg2.templates.mako.jsglobals.mak.jsglobals"> <tt class="descclassname">fedora.tg2.templates.mako.jsglobals.mak.</tt><tt class="descname">jsglobals</tt><big>(</big><big>)</big><a class="headerlink" href="#fedora.tg2.templates.mako.jsglobals.mak.jsglobals" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <p>A function to add global variables to a page. Typically, you’d include this in your <tt class="file docutils literal"><span class="pre">master.mak</span></tt> template and let the javascript variables defined there propogate to every page on your site (since they all should inherit from <tt class="file docutils literal"><span class="pre">master.mak</span></tt>). This adds the following variables in the fedora namespace for other scripts to access:</p> <blockquote> <div><table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">fedora.baseurl:</th><td class="field-body">URL fragment to prepend to any calls to the application. In a <a class="reference internal" href="glossary.html#term-turbogears"><em class="xref std std-term">TurboGears</em></a> application, this is the scheme, host, and server.webpath. Example: <a class="reference external" href="https://admin.fedoraproject.org/pkgdb/">https://admin.fedoraproject.org/pkgdb/</a>. This may be a relative link.</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.anonymous:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">If <tt class="docutils literal"><span class="pre">true</span></tt>, there will be no other variables in the <cite>fedora.identity</cite> namespace. If <tt class="docutils literal"><span class="pre">false</span></tt>, these variables are defined:</td> </tr> <tr class="field-odd field"><th class="field-name" colspan="2">fedora.identity.userid:</th></tr> <tr class="field-odd field"><td> </td><td class="field-body">Numeric, unique identifier for the user</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.username:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">Publically visible unique identifier for the user</td> </tr> <tr class="field-odd field"><th class="field-name" colspan="2">fedora.identity.display_name:</th></tr> <tr class="field-odd field"><td> </td><td class="field-body">Common human name for the user</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.token:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">csrf token for this user’s session to be added to urls that query the server.</td> </tr> </tbody> </table> </div></blockquote> <p>Typical usage would be:</p> <div class="highlight-python"><pre>${jsglobals.jsglobals()}</pre> </div> </div> </div> <div class="section" id="module-fedora.tg2.templates.genshi"> <span id="genshi"></span><h3>Genshi<a class="headerlink" href="#module-fedora.tg2.templates.genshi" title="Permalink to this headline">¶</a></h3> <p>Genshi version of templates to make adding certain Fedora widgets easier.</p> <div class="section" id="module-fedora.tg2.templates.genshi.login.html"> <span id="fedora-tg2-templates-genshi-login-html"></span><h4><a class="reference internal" href="#module-fedora.tg2.templates.genshi.login.html" title="fedora.tg2.templates.genshi.login.html: Templates related to logging in and out."><tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.templates.genshi.login.html</span></tt></a><a class="headerlink" href="#module-fedora.tg2.templates.genshi.login.html" title="Permalink to this headline">¶</a></h4> <p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p> <p class="versionadded"> <span class="versionmodified">New in version 0.3.26.</span></p> <dl class="docutils"> <dt>Include this using::</dt> <dd><xi:include href=”${fedora_template(‘login.html’, template_type=’genshi’)}” /></dd> </dl> <dl class="function"> <dt id="fedora.tg2.templates.genshi.login.html.loginform"> <tt class="descclassname">fedora.tg2.templates.genshi.login.html.</tt><tt class="descname">loginform</tt><big>(</big><span class="optional">[</span><em>message</em><span class="optional">]</span><big>)</big><a class="headerlink" href="#fedora.tg2.templates.genshi.login.html.loginform" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">message:</th><td class="field-body">Any text or elements contained by the <loginform> tag will be shown as a message to the user. This is generally used to show status of the last login attempt (“Please provide your credentials”, “Supplied credentials were not correct”, etc)</td> </tr> </tbody> </table> <p>A match template for the main login form. This is a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> token-aware login form that will prompt for username and password when no session identity is present and ask the user to click a link if they merely lack a token.</p> <p>Typical usage would be:</p> <div class="highlight-python"><pre><loginform>${message}</loginform></pre> </div> <dl class="function"> <dt id="fedora.tg2.templates.genshi.login.html.logintoolitem"> <tt class="descclassname">fedora.tg2.templates.genshi.login.html.</tt><tt class="descname">logintoolitem</tt><big>(</big><em>@href=URL</em><big>)</big><a class="headerlink" href="#fedora.tg2.templates.genshi.login.html.logintoolitem" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">@href:</th><td class="field-body">If an href attribute is present for this tag, when a user is logged in, their username or display_name will be a link to the URL.</td> </tr> </tbody> </table> <p>A match template to add an entry to a toolbar. The entry will contain the user’s username and a logout button if the user is logged in, a verify login button if the user has a session cookie but not a <a class="reference internal" href="glossary.html#term-csrf"><em class="xref std std-term">CSRF</em></a> token, or a login button if the user doesn’t have a session cookie.</p> <p>Typical usage looks like this:</p> <div class="highlight-python"><pre><ul class="toolbar" id="#main-toolbar"> <logintoolitem href="${tg.url('/users/info')}" /> </ul></pre> </div> </div> <div class="section" id="module-fedora.tg2.templates.genshi.jsglobals.html"> <span id="fedora-tg2-templates-genshi-jsglobals-html"></span><h4><a class="reference internal" href="#module-fedora.tg2.templates.genshi.jsglobals.html" title="fedora.tg2.templates.genshi.jsglobals.html: Templates to get information into javascript"><tt class="xref py py-mod docutils literal"><span class="pre">fedora.tg2.templates.genshi.jsglobals.html</span></tt></a><a class="headerlink" href="#module-fedora.tg2.templates.genshi.jsglobals.html" title="Permalink to this headline">¶</a></h4> <p><em>Module author: Toshio Kuratomi <<a class="reference external" href="mailto:tkuratom%40redhat.com">tkuratom<span>@</span>redhat<span>.</span>com</a>></em></p> <p class="versionadded"> <span class="versionmodified">New in version 0.3.26.</span></p> <dl class="docutils"> <dt>Include this using::</dt> <dd><xi:include href=”${fedora_template(‘jsglobals.html’, template_type=’genshi’)}” /></dd> </dl> <dl class="function"> <dt id="fedora.tg2.templates.genshi.jsglobals.html.jsglobals"> <tt class="descclassname">fedora.tg2.templates.genshi.jsglobals.html.</tt><tt class="descname">jsglobals</tt><big>(</big><big>)</big><a class="headerlink" href="#fedora.tg2.templates.genshi.jsglobals.html.jsglobals" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <p>A match template to add global variables to a page. Typically, you’d include this in your <tt class="file docutils literal"><span class="pre">master.html</span></tt> template and let it be added to every other page from there. This adds the following variables in the fedora namespace for other scripts to access:</p> <blockquote> <div><table class="docutils field-list" frame="void" rules="none"> <col class="field-name" /> <col class="field-body" /> <tbody valign="top"> <tr class="field-odd field"><th class="field-name">fedora.baseurl:</th><td class="field-body">URL fragment to prepend to any calls to the application. In a <a class="reference internal" href="glossary.html#term-turbogears"><em class="xref std std-term">TurboGears</em></a> application, this is the scheme, host, and server.webpath. Example: <a class="reference external" href="https://admin.fedoraproject.org/pkgdb/">https://admin.fedoraproject.org/pkgdb/</a>. This may be a relative link.</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.anonymous:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">If <tt class="docutils literal"><span class="pre">true</span></tt>, there will be no other variables in the <cite>fedora.identity</cite> namespace. If <tt class="docutils literal"><span class="pre">false</span></tt>, these variables are defined:</td> </tr> <tr class="field-odd field"><th class="field-name" colspan="2">fedora.identity.userid:</th></tr> <tr class="field-odd field"><td> </td><td class="field-body">Numeric, unique identifier for the user</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.username:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">Publically visible unique identifier for the user</td> </tr> <tr class="field-odd field"><th class="field-name" colspan="2">fedora.identity.display_name:</th></tr> <tr class="field-odd field"><td> </td><td class="field-body">Common human name for the user</td> </tr> <tr class="field-even field"><th class="field-name" colspan="2">fedora.identity.token:</th></tr> <tr class="field-even field"><td> </td><td class="field-body">csrf token for this user’s session to be added to urls that query the server.</td> </tr> </tbody> </table> </div></blockquote> <p>Typical usage would be:</p> <div class="highlight-python"><pre><jsglobals /></pre> </div> </div> </div> </div> </div> </div> </div> </div> <div class="sphinxsidebar"> <div class="sphinxsidebarwrapper"> <h3><a href="index.html">Table Of Contents</a></h3> <ul> <li><a class="reference internal" href="#">FASWho Plugin</a><ul> <li><a class="reference internal" href="#authenticating-against-fas-with-turbogears2">Authenticating against FAS with TurboGears2</a></li> <li><a class="reference internal" href="#using-csrf-middleware-with-other-auth-methods">Using CSRF middleware with other Auth Methods</a></li> <li><a class="reference internal" href="#templates">Templates</a><ul> <li><a class="reference internal" href="#module-fedora.tg2.templates.mako">Mako</a><ul> <li><a class="reference internal" href="#module-fedora.tg2.templates.mako.login.mak"><tt class="docutils literal"><span class="pre">fedora.tg2.templates.mako.login.mak</span></tt></a></li> <li><a class="reference internal" href="#module-fedora.tg2.templates.mako.jsglobals.mak"><tt class="docutils literal"><span class="pre">fedora.tg2.templates.mako.jsglobals.mak</span></tt></a></li> </ul> </li> <li><a class="reference internal" href="#module-fedora.tg2.templates.genshi">Genshi</a><ul> <li><a class="reference internal" href="#module-fedora.tg2.templates.genshi.login.html"><tt class="docutils literal"><span class="pre">fedora.tg2.templates.genshi.login.html</span></tt></a></li> <li><a class="reference internal" href="#module-fedora.tg2.templates.genshi.jsglobals.html"><tt class="docutils literal"><span class="pre">fedora.tg2.templates.genshi.jsglobals.html</span></tt></a></li> </ul> </li> </ul> </li> </ul> </li> </ul> <h4>Previous topic</h4> <p class="topless"><a href="flask_fas_openid.html" title="previous chapter">FAS Flask OpenID Auth Plugin</a></p> <h4>Next topic</h4> <p class="topless"><a href="javascript.html" title="next chapter">JavaScript</a></p> <h3>This Page</h3> <ul class="this-page-menu"> <li><a href="_sources/faswho.txt" rel="nofollow">Show Source</a></li> </ul> <div id="searchbox" style="display: none"> <h3>Quick search</h3> <form class="search" action="search.html" method="get"> <input type="text" name="q" /> <input type="submit" value="Go" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> <p class="searchtip" style="font-size: 90%"> Enter search terms or a module, class or function name. </p> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <div class="clearer"></div> </div> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="genindex.html" title="General Index" >index</a></li> <li class="right" > <a href="py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="javascript.html" title="JavaScript" >next</a> |</li> <li class="right" > <a href="flask_fas_openid.html" title="FAS Flask OpenID Auth Plugin" >previous</a> |</li> <li><a href="index.html">python-fedora 0.10.0 documentation</a> »</li> <li><a href="auth.html" >Authentication to FAS</a> »</li> </ul> </div> <div class="footer"> © Copyright 2007-2018 Red Hat, Inc.. Last updated on Feb 01, 2018. Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3. </div> </body> </html>