Thanks everyone for the great responses! I’m planning on having a go at making an authentication policy along the lines of SessionAuthenticationPolicy and have the Flask cookie signing bits imported just to handle that.
The apps are definitely going to dealt with as seperate, the migration is a good chance to sanitise the structure from years of accumulated cruft. This is a 3.8+ only app so I could start with 2.0 - are there any areas that are likely to change in it? Everything that I’ve read in the changes looks nice and simple to deal with. Another thing… I’ve jumped onto the IRC channel a few times and not seen any traffic, potentially timezone differences being on the other side of the world but is there much activity there? Peter W. > On 1 Sep 2020, at 3:23 am, Michael Merickel <mmeri...@gmail.com> wrote: > > The 2.0 security system is pretty backward compatible so I'd recommend just > starting with 1.x but I might suggest using the master version of > pyramid-cookiecutter-starter as it has significant improvements to the > default test fixtures for new projects. > > With respect to 2.0, sorry everyone but I've been dragging my feet on an > issue in the new security api so it isn't out yet! Mailing list activity is a > great motivator though! > > - Michael > >> On Aug 31, 2020, at 12:12, 'Jonathan Vanasco' via pylons-discuss >> <pylons-discuss@googlegroups.com <mailto:pylons-discuss@googlegroups.com>> >> wrote: >> >> I've done a handful of side-by-side migrations or deployments. >> >> I think you already identified the generally best approach IMHO: >> >> > Conceptually the simplest would be to have a auth cookie that is >> valid in both, it could be set to only be created in one and honoured in the >> other. >> >> However I recommend it with one caveat -- I would approach this >> functionality as if it were it's own authentication micro-service. It can >> live in one of the two processes, it doesn't need a third, but I would >> structure the UX, tests and development as if it were totally independent -- >> so the cookie value would just contain login state the core account info >> needed for auth and permissions. If either process needs to store other >> data in a cookie, use another cookie. >> >> Reading Pyramid cookies in Flask is pretty simple, Pyramid sessions just >> automate loading webob cookies with defaults >> >> * https://github.com/Pylons/pyramid/blob/master/src/pyramid/session.py >> <https://github.com/Pylons/pyramid/blob/master/src/pyramid/session.py> >> * https://github.com/Pylons/webob/blob/master/src/webob/cookies.py >> <https://github.com/Pylons/webob/blob/master/src/webob/cookies.py> >> >> >> In terms of Pyramid versions, if you need Python2 support - 1.10 is your >> only option. Otherwise, just pay attention to the deprecations on Pyramid2 >> and you should be able to transition from 1.10 to 2 very easily if you don't >> want to run the pre-release. Michael Merickel is the expert on this, but I >> think he and his team have done a great job in planning the 2.0 changes by >> offering a lot of "forward compatibility' options in 1.10 to prepare us for >> switching to 2.0. I could be wrong, but I think almost every one of the 2.0 >> changes can be elected in 1.10. The only difference I know of is the >> drastic change to authentication/authorization (which may be worth using the >> pre-release). >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "pylons-discuss" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to pylons-discuss+unsubscr...@googlegroups.com >> <mailto:pylons-discuss+unsubscr...@googlegroups.com>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/pylons-discuss/b0d9e559-d070-4522-82ef-217af2c63de2o%40googlegroups.com >> >> <https://groups.google.com/d/msgid/pylons-discuss/b0d9e559-d070-4522-82ef-217af2c63de2o%40googlegroups.com?utm_medium=email&utm_source=footer>. > > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to pylons-discuss+unsubscr...@googlegroups.com > <mailto:pylons-discuss+unsubscr...@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/7146D524-E61C-4B70-A78A-505F42059524%40gmail.com > > <https://groups.google.com/d/msgid/pylons-discuss/7146D524-E61C-4B70-A78A-505F42059524%40gmail.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/E2C884F2-47F4-42B3-BA41-80827DC02C04%40thirdfloor.com.au.
