fixed a bug constructing crypt context config

The format of the pyramid .INI files and the expected format
for the passlib config is slightly different on lists. A pyramid ini
file separates list items based on whitespace (and indention) where the
passlib config uses a comma.

development.ini

@@ -21,7 +21,7 @@ retry.attempts = 3
 
 # passlib settings
 # setup the context to support only argon2 for the moment
-passlib.schemes = argon2, bcrypt
+passlib.schemes = argon2 bcrypt
 # default encryption scheme is argon2
 passlib.default = argon2
 # flag every encryption method as deprecated except the first one

ordr/__init__.py

@@ -11,6 +11,7 @@ def main(global_config, **settings):
     config.include('pyramid_jinja2')
     config.include('.models')
     config.include('.resources')
+    config.include('.security')
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.scan()
     return config.make_wsgi_app()

ordr/security.py

@@ -1,5 +1,5 @@
 from passlib.context import CryptContext
-from pyramid.settings import aslist, asbool
+from pyramid.settings import aslist
 
 
 password_context = CryptContext()
@@ -16,10 +16,15 @@ def crypt_context_settings_to_string(settings, prefix='passlib.'):
     context settings is quite a task. Since passlib has a context parser 
     included, this seems the most reliable way to do it.
     '''
+    as_list_keys = {'schemes', 'deprecated'}
     config_lines = ['[passlib]']
     for ini_key, value in settings.items():
         if ini_key.startswith(prefix):
-            context_key = ini_key.replace(prefix, '')
+            context_key = ini_key.replace(prefix, '')            
+            # the pyramid .ini format is different on lists 
+            # than the .ini format used by passlib.
+            if context_key in as_list_keys and ',' not in value:
+                value = ','.join(aslist(value))
             config_lines.append(f'{context_key} = {value}')
     return '\n'.join(config_lines)