heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added docs explaining the authentication hooks

Browse Source
This commit is contained in:
Rodney Ewing 2013-07-10 13:29:58 -07:00
parent 94a566e60e
commit d194770dd2
2 changed files with 87 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/source/index.rst
View File

@ -77,6 +77,7 @@ This guide covers writing new GNU MediaGoblin plugins.
pluginwriter/database
pluginwriter/api
pluginwriter/tests
pluginwriter/authhooks
Part 4: Developer's Zone

86
docs/source/pluginwriter/authhooks.rst Normal file
View File

@ -0,0 +1,86 @@
======================
Authentication Hooks
======================
This documents the hooks that are currently available for authentication
plugins. If you need new hooks for your plugin, go ahead a submit a patch.
What hooks are available?
=========================
'authentication'
----------------
This hook just needs to return ``True`` as this is how
the MediaGoblin app knows that an authentication plugin is enabled.
'auth_extra_validation'
-----------------------
This hook is used to provide any additional validation of the registration
form when using ``mediagoblin.auth.tools.register_user()``. This hook runs
through all enabled auth plugins.
'auth_create_user'
------------------
This hook is used by ``mediagoblin.auth.tools.register_user()`` so plugins can
store the necessary information when creating a user. This hook runs through
all enabled auth plugins.
'auth_get_user'
---------------
This hook is used by ``mediagoblin.auth.tools.check_login_simple()``. Your
plugin should return a ``User`` object given a username.
'auth_no_pass_redirect'
-----------------------
This hook is called in ``mediagoblin.auth.views`` in both the ``login`` and
``register`` views. This hook should return the name of your plugin, so that
if :ref:`basic_auth-chapter` is not enabled, the user will be redirected to the
correct login and registration views for your plugin.
The code assumes that it can generate a valid url given
``mediagoblin.plugins.{{ your_plugin_here }}.login`` and
``mediagoblin.plugins.{{ your_plugin_here }}.register``. This is only needed if
you will not be using the ``login`` and ``register`` views in
``mediagoblin.auth.views``.
'auth_get_login_form'
---------------------
This hook is called in ``mediagoblin.auth.views.login()``. If you are not using
that view, then you do not need this hook. This hook should take a ``request``
object and return the ``LoginForm`` for your plugin.
'auth_get_registration_form'
----------------------------
This hook is called in ``mediagoblin.auth.views.register()``. If you are not
using that view, then you do not need this hook. This hook should take a
``request`` object and return the ``RegisterForm`` for your plugin.
'auth_gen_password_hash'
------------------------
This hook should accept a ``raw_pass`` and an ``extra_salt`` and return a
hashed password to be stored in ``User.pw_hash``.
'auth_check_password'
---------------------
This hook should accept a ``raw_pass``, a ``stored_hash``, and an ``extra_salt``.
Your plugin should then check that the ``raw_pass`` hashes to the same thing as
the ``stored_hash`` and return either ``True`` or ``False``.
'auth_fake_login_attempt'
-------------------------
This hook is called in ``mediagoblin.auth.tools.check_login_simple``. It is
called if a user is not found and should do something that takes the same amount
of time as your ``check_password`` function. This is to help prevent timining
attacks.