This package provides a definition of authentication concepts for use in Zope Framework.

Detailed Documentation

Logout Support

Logout support is defined by a simple interface ILogout:

>>> from zope.authentication.interfaces import ILogout

that has a single 'logout' method.

The current use of ILogout is to adapt an IAuthentication component to ILogout To illustrate, we'll create a simple logout implementation that adapts IAuthentication:

>>> class SimpleLogout(object):
...
...     adapts(IAuthentication)
...     implements(ILogout)
...
...     def __init__(self, auth):
...         pass
...
...     def logout(self, request):
...         print 'User has logged out'
>>> provideAdapter(SimpleLogout)

and something to represent an authentication utility:

>>> class Authentication(object):
...
...     implements(IAuthentication)
>>> auth = Authentication()

To perform a logout, we adapt auth to ILogout and call 'logout':

>>> logout = ILogout(auth)
>>> logout.logout(TestRequest())
User has logged out

The 'NoLogout' Adapter

The class:

>>> from zope.authentication.logout import NoLogout

can be registered as a fallback provider of ILogout for IAuthentication components that are not otherwise adaptable to ILogout. NoLogout's logout method is a no-op:

>>> NoLogout(auth).logout(TestRequest())

Logout User Interface

Because some authentication protocols do not formally support logout, it may not be possible for a user to logout once he or she has logged in. In such cases, it would be inappropriate to present a user interface for logging out.

Because logout support is site-configurable, Zope provides an adapter that, when registered, indicates that the site is configured for logout:

>>> from zope.authentication.logout import LogoutSupported

This class merely serves as a flag as it implements ILogoutSupported:

>>> from zope.authentication.interfaces import ILogoutSupported
>>> ILogoutSupported.implementedBy(LogoutSupported)
True
>>> request = object()
>>> ILogoutSupported.providedBy(LogoutSupported(request))
True

Principal Terms

Principal Terms are used to support browser interfaces for searching principal sources. They provide access to tokens and titles for values. The principal terms view uses an authentication utility to get principal titles. Let's create an authentication utility to demonstrate how this works:

>>> class Principal:
...     def __init__(self, id, title):
...         self.id, self.title = id, title
>>> from zope.interface import implements
>>> from zope.authentication.interfaces import IAuthentication
>>> from zope.authentication.interfaces import PrincipalLookupError
>>> class AuthUtility:
...     implements(IAuthentication)
...     data = {'jim': 'Jim Fulton', 'stephan': 'Stephan Richter'}
...
...     def getPrincipal(self, id):
...         title = self.data.get(id)
...         if title is not None:
...             return Principal(id, title)
...         raise PrincipalLookupError

Now we need to install the authentication utility:

>>> from zope.component import provideUtility
>>> provideUtility(AuthUtility(), IAuthentication)

We need a principal source so that we can create a view from it.

>>> from zope.component import getUtility
>>> class PrincipalSource:
...     def __contains__(self, id):
...          auth = getUtility(IAuthentication)
...          try:
...              auth.getPrincipal(id)
...          except PrincipalLookupError:
...              return False
...          else:
...              return True

Now we can create an terms view:

>>> from zope.authentication.principal import PrincipalTerms
>>> terms = PrincipalTerms(PrincipalSource(), None)

Now we can ask the terms view for terms:

>>> term = terms.getTerm('stephan')
>>> term.title
'Stephan Richter'
>>> term.token
'c3RlcGhhbg__'

If we ask for a term that does not exist, we get a lookup error:

>>> terms.getTerm('bob')
Traceback (most recent call last):
...
LookupError: bob

If we have a token, we can get the principal id for it.

>>> terms.getValue('c3RlcGhhbg__')
'stephan'

CHANGES

3.7.2 (unreleased)

3.7.1 (2010-04-30)

  • Removed undeclared testing dependency on zope.testing.

3.7.0 (2009-03-14)

Initial release. This package was split off from zope.app.security to provide a separate common interface definition for authentication utilities without extra dependencies.