Manage basic security on the session.


This requires a config to be passed to atoti.Session.__init__()’s authentication parameter.

property credentials: MutableMapping[str, str]#

Mapping from username to password.


At the moment, unlike the rest of the Security configuration, these credentials are transient (kept in memory). They are not stored in the user content storage and thus will reset when the session stops.

Use individual_roles to grant roles to the user.


>>> session = tt.Session(authentication=tt.BasicAuthenticationConfig())
>>>["elon"] = "X Æ A-12"
>>> # The password can be changed:
>>>["elon"] = "AE A-XII"
>>> # But, for security reasons, it cannot be retrieved (accessing it will return a redacted string):
{'elon': '**REDACTED**'}
>>> # Prevent user to authenticate through basic authentication:
>>> del["elon"]