hawat.blueprints.auth_env package¶

This pluggable module provides default authentication service based on server environment. In this case the burden of performing actual authentication is on the web server used for serving the web interface. The authentication module then simply uses selected environment variables set up by the server after successful authentication.

This module also provides interface for automated user account registration. The registration form is pre-filled with data gathered again from server environment. The login may not be changed and the value fetched from environment is always used. Other account attributes like name or email address may be tweaked by user before submitting the registration form. Administrator and user are both notified via email about the fact new account was just created.

Environment variables¶

Currently following environment variables set up by the HTTP server are supported:

eppn,``REMOTE_USER`` (MANDATORY): The eppn server variable is set up by the _shibd_ daemon implementing the Shibboleth SSO service. The REMOTE_USER variable is set up by many authentication providers. This environment variable is of course mandatory, and it is used as an account username (login).
cn,``givenName``,``sn`` (OPTIONAL): The cn server variable is used to fill in user`s name, when available. When not available, user`s name is constructed as contatenation of givenName and sn server variables. When none of the above is available, user has to input his/her name manually during registration process.
perunPreferredMail,``mail`` (OPTIONAL): The perunPreferredMail server variable is used to fill in user`s email address, when available. When not available, the first email address from email server variable is used. When none of the above is available, user has to input his/her email manually during registration process.
perunOrganizationName,``o`` (OPTIONAL): The perunOrganizationName server variable is used to fill in user`s home organization name, when available. When not available, the value of o server variable is used. When none of the above is available, user has to input his/her home organization name manually during registration process.

Provided endpoints¶

/auth_env/login

Page providing login functionality via server set environment variables.

Authentication: no authentication
Methods: GET

/auth_env/register

User account registration using server set environment variables.

Authentication: no authentication
Methods: GET, POST

hawat.blueprints.auth_env.BLUEPRINT_NAME = 'auth_env'¶: Name of the blueprint as module global constant.

class hawat.blueprints.auth_env.EnvAuthBlueprint(name, import_name, **kwargs)[source]¶

Bases: hawat.base.HawatBlueprint

Pluggable module - environment authentication service (auth_env).

classmethod get_module_title()[source]¶

Get human readable name for this blueprint/module.

Returns: Name (short summary) of the blueprint/module.
Return type: str

name = None¶

register_app(app)[source]¶

Hook method: Custom callback, which will be called from hawat.app.Hawat.register_blueprint() method and which can perform additional tweaking of Hawat application object.

Parameters: app (hawat.app.Hawat) – Application object.

class hawat.blueprints.auth_env.LoginView[source]¶

Bases: hawat.view.mixin.HTMLMixin, hawat.view.mixin.SQLAlchemyMixin, hawat.view.BaseLoginView

View responsible for user login via application environment.

property dbmodel¶: This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

classmethod get_menu_title(**kwargs)[source]¶

Return menu entry title for the view.

Default implementation returns the return value of hawat.view.BaseView.get_view_title() method by default.

Parameters: kwargs (dict) – Optional parameters.
Returns: Menu entry title for the view.
Return type: str

get_user_login()[source]¶: Get login of the user that is being authenticated.

classmethod get_view_title(**kwargs)[source]¶

Return title for the view, that will be displayed in the title tag of HTML head element and also as the content of page header in h2 tag.

Default implementation returns the return value of hawat.view.BaseView.get_menu_title() method by default.

Parameters: kwargs (dict) – Optional parameters.
Returns: Title for the view.
Return type: str

methods: Optional[List[str]] = ['GET']¶

property search_by¶: Return model`s attribute (column) according to which to search for a single item.

class hawat.blueprints.auth_env.RegisterView[source]¶

Bases: hawat.view.mixin.HTMLMixin, hawat.view.mixin.SQLAlchemyMixin, hawat.view.BaseRegisterView

View responsible for registering new user account into application.

property dbchlogmodel¶: This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

property dbmodel¶: This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

dispatch_request()[source]¶: Mandatory interface required by the flask.views.View.dispatch_request(). Will be called by the Flask framework to service the request.

get_item()[source]¶: Hook method. Must return instance for given item class.

static get_item_form(item)[source]¶: Hook method. Must return instance of flask_wtf.FlaskForm appropriate for given item class.

classmethod get_menu_title(**kwargs)[source]¶: Implementation of hawat.view.BaseView.get_menu_title().

get_user_from_env()[source]¶: Get user object populated with information gathered from server environment variables.

classmethod get_view_title(**kwargs)[source]¶: Implementation of hawat.view.BaseView.get_view_title().

methods: Optional[List[str]] = ['GET', 'POST']¶

exception hawat.blueprints.auth_env.RegistrationException(description)[source]¶

Bases: Exception

Exception describing problems with new user account registration.

hawat.blueprints.auth_env.get_blueprint()[source]¶: Mandatory interface for hawat.Hawat and factory function. This function must return a valid instance of hawat.app.HawatBlueprint or flask.Blueprint.

hawat.blueprints.auth_env.get_login_from_environment()[source]¶: Get user account login from appropriate environment variable(s).

Subpackages¶

hawat.blueprints.auth_env.test package

Submodules¶

hawat.blueprints.auth_env.forms module