Pyramid-fullauth

-----

Features
++++++++

- configure root factory if it hasn't been already done
- configure session factory only if it hasn't been configured before
- configure authorization policy only if it hasn't been configured before
- configure authentication policy only if it hasn't been configured before
- logged in user will be redirected always away from login page
- views reorganisation - grouping by their function
- replaced force_logout decorator with logout request method
- small login view simplification

tests
+++++

- rewritten tests to use pytest_pyramid
- unified session with pyramid_basemodel's
- parametrize tests against two most recent pyramid versions and sqlalchemy
- turned on pylama to check code with linters:
- pep8
- pep257
- pyflakes
- mccabe
- add pytest-dbfixtures, and run tests against postgresql and mysql as well
- drop python 2.6 from tests
- 100% test coverage

-----
- weaker pyramid_yml requirements. Use ``registry['config']`` instead of ``request.config`` which gets added only when explicitly including tzf.pyramid_yml package.
- remove default_config with permission set for forbidden views. Throwning errors in pyramid 1.5a3
- remove lazy='load' for relationship between AuthenticationProvider and User models as it was incorrect. Fixes error while using with sqlalchemy 0.9

-----
- copy all headers when login user. fixes issue, when headers set in AfterLogin event would not get passed

-----
- fixed csrf_check in password:reset:continue action
- updated translation files

-----
- migrated tests to py.test
- removed nose and lxml from test requirements
- extracted UserEmailMixin from User model
- validation exception improvements
- set licensing to MIT License
- fixed general error message for register_POST processing
- activate action no longer gives 404 error after first use. Default is message about token being invalid or used [veronicazgirvaci]
- extending csrf_check predicate:
- Can be turned on/off in settings.
- Failed check rises 401 Unauthorised error

Backwards Incompatibilities
+++++++++++++++++++++++++++

- token variable is changed into csrf_token in fullatuh views
- view no longer returns error messages on failed csrf token. Rises 401 Unauthorised error instead.

-----
- add localize to requirements. Ability to translate registerlogin communicates
- ability to set custom session factory [with Veronica Zgirvaci help]
- moved password validation to one place