We use the repoze.who-friendlyform plugin during our authentication process. This plugin was last updated on 2010 and it's not py3 ready. More specifically we use it as Indentifier (extract user name and password from the WSGI env) and as a Challenger (present the user with a login/logout page). See the who.ini file.
The FriendlyForm plugin extends a default repoze.who one, RedirectorPlugin with some extra functionality. The one that we use is
Developers may define post-login and/or post-logout pages.
Approach
This is a pretty critical functionality so we need to come up with a good replacement strategy. It might be tempting to try to replace the whole repoze.who authenticating system with something like Flask-login, which has a much simpler and straight-forward integration and is better supported, but that is a big change, as we use some of the repoze.who assumptions at differents parts of the code (eg relying on the REMOTE_USER environ variable). So I'd suggest to plan that for a later stage and keep repoze.who in place for at least 2.9.
This means replacing or upgrading repoze.who-friendlyform. The plugin itself is not massive:
https://gist.github.com/amercader/0643f17f3d9641a49c3ed9f630d545df
So perhaps the best solution for now is to include this as part of the CKAN code base and upgrade it to run on Python 3
Story points
5
We use the repoze.who-friendlyform plugin during our authentication process. This plugin was last updated on 2010 and it's not py3 ready. More specifically we use it as Indentifier (extract user name and password from the WSGI env) and as a Challenger (present the user with a login/logout page). See the who.ini file.
The FriendlyForm plugin extends a default repoze.who one, RedirectorPlugin with some extra functionality. The one that we use is
Approach
This is a pretty critical functionality so we need to come up with a good replacement strategy. It might be tempting to try to replace the whole repoze.who authenticating system with something like Flask-login, which has a much simpler and straight-forward integration and is better supported, but that is a big change, as we use some of the repoze.who assumptions at differents parts of the code (eg relying on the
REMOTE_USERenviron variable). So I'd suggest to plan that for a later stage and keep repoze.who in place for at least 2.9.This means replacing or upgrading repoze.who-friendlyform. The plugin itself is not massive:
https://gist.github.com/amercader/0643f17f3d9641a49c3ed9f630d545df
So perhaps the best solution for now is to include this as part of the CKAN code base and upgrade it to run on Python 3
Story points
5