Trip Solutions Ltd
Trip Solutions Ltd
In relation to issue #53, this would be a first draft proposal for enabling integration with pyramid_authstack. - rewritten _configure from __init.py__ to be consumed externally - made the registration...
Since pyramid 2.0 was released the tests test_remember_warning and test_forget_warning are failing because the warning's filename shows as pyramid/security.py. I assume this is a change with pyramid, but I am...
When the cookie is an invalid JWT token (corrupted, tempered with, expired, private key has changed, etc) and the cookie authentication policy has reissue_time set to a non-null value _handle_reissue...
This covers issue #54 but also the ability to plumb the cookie authentication on top of a 3rd party token generation API. It's a significant API change so I'm looking...
Because set_jwt_authentication_policy's https_only parameter had a default value set to True the ini-file value was never being picked up. You would need to explicitly pass https_only=None to set_jwt_cookie_authentication_policy for the...
Would it make sense for the cookie authentication policy to accept a callback to be used when reissuing the cookie so that the claims can be refreshed / re-checked?
We're using a slightly modified version of pyramid_jwt as part of a stack defined using https://github.com/wichert/pyramid_authstack and I'm trying to create a minimal pull request for the functionality. My question...
This patch provides a very direct way to stack cookie-only authentication and header authentication. Functionality is activated by accept_header/jwt.cookie_accept_header (parameter/ini-file value) and precedence is decided by header_first/jwt.cookie_prefer_header.
Add parameter and ini-file setting for SameSite cookie attribute, passed to the cookie profile constructor