I have a very simple Pyramid app (my first one) and I'd like to 'lock' a couple of view callables with Basic/Digest HTTP Authentication (the generic login popup). This app will be administered by just one user, so I'd like very basic security.
I've read the theory about Pyramid's Authentication Policy, AuthKit, repoze.who, etc. But can someone still give me a simple example/idea of very, very basic security in a Pyramid app, just to lock several view callables from the world?
Note: If somebody else is doing Basic Auth for a WSGI app through Nginx and you used the Cookbook conf to run your app with an upstream, you may run into an issue where, after successful authentication, Nginx leads you to a 404. All you have to do is point your restricted location to the same upstream:
location /restricted {
    proxy_pass http://myapp-site;
    auth_basic "Restricted";
    auth_basic_user_file htpasswd;
}
If you only have, say, one "/admin" section with one administrator, you can configure nginx as a reverse proxy with authentication.
I'm using this to "protect" public sections of demo sites before opening to the whole world.
The advantage is that you can use exactly the same method for serving Django or Pylons applications, and it's very simple yet robust.
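An application-side counterpart to the nginx `location /restricted` block above, as an added example that is not part of the original posts: a standard-library WSGI middleware that demands HTTP Basic credentials for chosen path prefixes. The class name, its defaults and the credentials passed to it are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

# Added example: names and defaults here are illustrative, not from the page.
class BasicAuthMiddleware:
    """Require HTTP Basic credentials for requests under the given path prefixes."""

    def __init__(self, app, username, password, prefixes=("/restricted",), realm="Restricted"):
        self.app = app
        self.username = username.encode()
        self.prefixes = tuple(p.rstrip("/") for p in prefixes)
        self.realm = realm
        # Keep only a salted PBKDF2 hash of the password in memory.
        self.salt = os.urandom(16)
        self.pw_hash = self._hash(password.encode())

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password, self.salt, 100_000)

    def _protected(self, path):
        # Match "/restricted" and "/restricted/...", but not "/restricted-other".
        return any(path == p or path.startswith(p + "/") for p in self.prefixes)

    def _authorized(self, header):
        scheme, _, encoded = header.partition(" ")
        if scheme.lower() != "basic":
            return False
        try:
            user, sep, pw = base64.b64decode(encoded.strip(), validate=True).partition(b":")
        except ValueError:  # binascii.Error (bad base64) is a ValueError subclass
            return False
        # Run both constant-time comparisons before combining the results.
        user_ok = hmac.compare_digest(user, self.username)
        pw_ok = hmac.compare_digest(self._hash(pw), self.pw_hash)
        return bool(sep) and user_ok and pw_ok

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO", "")
        if self._protected(path) and not self._authorized(environ.get("HTTP_AUTHORIZATION", "")):
            body = b"Authentication required\n"
            start_response("401 Unauthorized", [
                ("WWW-Authenticate", 'Basic realm="%s"' % self.realm),
                ("Content-Type", "text/plain"), ("Content-Length", str(len(body)))])
            return [body]
        return self.app(environ, start_response)
```

In a Pyramid app this wraps the object returned by `config.make_wsgi_app()`. Basic credentials are only base64-encoded on the wire, so the protected paths should be served over TLS.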