Python Web Framework Series – Pylons: Part 6 Basic Authorization With AuthKit

Last post we left off with very basic database access, and testing story completed. Now we’re going to look at basic Authorization and Authentication with AuthKit. NOTE: most of this post is just an aggregation of a couple of chapters in the Pylons Book since this setup is a good base starting point. Read the previous link to the Pylons Book for more in depth coverage of this topic. 

Setting Up AuthKit

First lets make sure we have AuthKit installed: easy_install AuthKit. For this post we’re working with AuthKit 0.4.3, your mileage may vary if you read this post in the future and are using a different version. Now that we have Authkit installed open up add the following imports:



import authkit.authenticate
from authkit.permissions import ValidAuthKitUser


and then add somewhere inside the if asbool(full_stack): code block.

permission = ValidAuthKitUser()
app = authkit.authorize.middleware(app, permission)
app = authkit.authenticate.middleware(app,app_conf)



in development.ini add this to the end of your [app:main] section

authkit.setup.enable = true
authkit.setup.method = form, cookie
authkit.form.authenticate.user.type = authkit.users.sqlalchemy_driver:UsersFromDatabase = pylonsforum.model
authkit.cookie.secret = secret string
authkit.cookie.signoutpath = /home/signout

Open your controller and for now add a “signout” action:

def signout(self):
    return “You’ve been signed out”

Now in your we have a ton to add to get the basic setup working. Start right after imports and add these line.

from authkit.users.sqlalchemy_driver import UsersFromDatabase

next add the following in your “setup_app” method after load_environment

    from pylonsforum.model import meta
    meta.metadata.bind = meta.engine
    filename = os.path.split(conf.filename)[1]“Adding the AuthKit model…”)
    users = UsersFromDatabase(model)
    meta.metadata.create_all(checkfirst=True)“Adding roles and uses…”)
    users.user_create(“admin”, password=“admin”)

For the final piece delete your development.db file and run paster setup-app development.ini to recreate it with the AuthKit user model. Now you have very basic authentication working in your site

http://localhost:5000 reveals:

Picture 2

type in “admin” for the username and password and it should let you pass.  Note going back to the site will not bring up a password box again.


will remove your cookie and you’ll see the sign in form once more if you go to http://localhost:5000 .  Stayed tuned for more posts as I go more in depth with the different features and customizations of AuthKit.