Glossary

aiohttp

asyncio based library for making web servers.

asyncio

The library for writing single-threaded concurrent code using coroutines, multiplexing I/O access over sockets and other resources, running network clients and servers, and other related primitives.

Reference implementation of PEP 3156

https://pypi.python.org/pypi/asyncio/

authentication

Actions related to retrieving, storing and removing user’s identity.

Authenticated user has no access rights, the system even has no knowledge is there the user still registered in DB.

If Request has an identity it means the user has some ID that should be checked by authorization policy.

authorization

Checking actual permissions for identified user along with getting userid.

identity

Session-wide str for identifying user.

Stored in local storage (client-side cookie or server-side storage).

Use remember() for saving identity (sign in) and forget() for dropping it (sign out).

identity is used for getting userid and permission.

permission

Permission required for access to resource.

Permissions are just strings, and they have no required composition: you can name permissions whatever you like.

userid

User’s ID, most likely his login or email