Webapp2用于身份验证和登录 [英] Webapp2 for Authentication and Login

问题描述

我想为我的python Google App Engine应用程序推出我自己的登录系统（而不是使用Google的用户api ）。

我使用的是webapp2，并且我注意到有一个webapp2_extras.auth 模块和未完成认证教程。

有谁知道我可以如何使用这个API来创建：

• 用户注册（带电子邮件和密码，或者验证电子邮件）
  
• 用户使用电子邮件和密码登录

有了电子邮件和密码后，我可以在哪里存储它？在AuthStore中？
我如何对AuthStore进行身份验证？

解决方案

您如何以及在哪里存储用户凭据和信息完全用完给你;您引用的webapp2模块仅提供您必须遵循的界面，以便使用其功能。一个明显的（也许是唯一明智的）选择将是数据存储。

我强烈建议使用内置的 OpenID支持，而不是滚动自己的。通过这样做，你迫使用户创建另一个用户名和密码，并且你正在为自己承担一整套密码存储和安全问题。

I would like to roll my own login system for my python Google App Engine application (rather than using Google's users api).

I am using webapp2, and I noticed that there is a webapp2_extras.auth module and an incomplete auth tutorial.

Does anyone know how I can use this API to create:

• User Registration (take an email and password, and perhaps verify email)
• User Login with email and password

Once I have the email and password, where do I store it? In the AuthStore? And how do I authenticate against the AuthStore?

解决方案

How and where you store user credentials and information is entirely up to you; the webapp2 module you reference merely provides an interface you must conform to if you want to use its features. An obvious (perhaps the only sensible) choice would be the datastore.

I'd strongly, strongly recommend using the built in OpenID support instead of rolling your own, though. By doing so, you're forcing users to create yet another username and password, and you're taking on a whole set of password storage and security hassles for yourself.

这篇关于Webapp2用于身份验证和登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！