FASWho Plugin¶
- Authors
Luke Macken Toshio Kuratomi
- Date
3 September 2011
This plugin provides authentication to the Fedora Account System using the repoze.who WSGI middleware. It is designed for use with TurboGears2 but it may be used with any repoze.who using application. Like TurboGears Identity Provider 2, faswho has builtin CSRF protection. This protection is implemented as a second piece of middleware and may be used with other repoze.who authentication schemes.
Authenticating against FAS with TurboGears2¶
Setting up authentication against FAS in TurboGears2 is very easy. It
requires one change to be made to app/config/app_cfg.py. This change
will take care of registering faswho as the authentication provider, enabling
CSRF protection, switching tg.url() to use
fedora.ta2g.utils.url() instead, and allowing the _csrf_token
parameter to be given to any URL.
Using CSRF middleware with other Auth Methods¶
This section needs to be made clearer so that apps like mirrormanager can be ported to use this.
Templates¶
The fedora.tg2.utils module contains some templates to help you
write CSRF aware login forms and buttons. You can use the
fedora_template() function to integrate them into your
templates:
The templates themselves come in two flavors. One set for use with mako and one set for use with genshi.