用于身份验证和登录的 Webapp2 [英] Webapp2 for Authentication and Login

问题描述

我想为我的 Python Google App Engine 应用程序推出自己的登录系统(而不是使用 Google 的 usersapi).

I would like to roll my own login system for my python Google App Engine application (rather than using Google's users api).

我正在使用 webapp2，我注意到有一个 webapp2_extras.auth 模块和不完整的身份验证教程.

I am using webapp2, and I noticed that there is a webapp2_extras.auth module and an incomplete auth tutorial.

有谁知道我如何使用这个 API 来创建:

Does anyone know how I can use this API to create:

• 用户注册(获取电子邮件和密码，或许还可以验证电子邮件)
• 用户使用电子邮件和密码登录

一旦我有了电子邮件和密码，我应该把它存储在哪里?在 AuthStore 中?以及如何针对 AuthStore 进行身份验证?

Once I have the email and password, where do I store it? In the AuthStore? And how do I authenticate against the AuthStore?

推荐答案

存储用户凭据和信息的方式和位置完全取决于您；您引用的 webapp2 模块仅提供了一个接口，如果您想使用其功能，则必须遵守该接口.一个明显的(也许是唯一明智的)选择是数据存储.

How and where you store user credentials and information is entirely up to you; the webapp2 module you reference merely provides an interface you must conform to if you want to use its features. An obvious (perhaps the only sensible) choice would be the datastore.

我强烈推荐使用内置的 OpenID 支持不过，不要滚动你自己的.这样做，您将迫使用户创建另一个用户名和密码，并且您自己承担了一整套密码存储和安全问题.

I'd strongly, strongly recommend using the built in OpenID support instead of rolling your own, though. By doing so, you're forcing users to create yet another username and password, and you're taking on a whole set of password storage and security hassles for yourself.

这篇关于用于身份验证和登录的 Webapp2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！