If you're familiar with Python:
If you've got separate request handlers for the parts of the site that
require login and the parts that don't, you can make a function
descriptor that checks if the user is logged in before calling the
actual function. If the user is not logged in, it redirects to a login
page. Then you can use this descriptor on the get / post methods.
Google provides this functionality with their @require_login
descriptor that redirects to the Google Accounts login page if the
user is not logged in, but this doesn't work when rolling your own
authentication system, obviously.
If you're not familiar with Python:
The simplest way is probably to just make a function you can call that
returns True if the user is logged in. If the user is not logged in,
it redirects the user to your login page, then returns False. In your
actual get / post method you check whether the result of this function
is False, and if so, you leave the method:
def logged_in(request):
if [user is logged in]:
return True
request.redirect('/login')
return False
class UserSettings(webapp.RequestHandler):
def get(self):
if not logged_in(self): return
# show page
On Jan 28, 3:13 am, solidus <[email protected]> wrote:
> Hi all,
>
> I'm new to appengine and somewhat new to web development. My question
> is regarding proper ways to use sessions.
>
> I'm currently messing around using the gaeutilities sessions module. I
> have a basic login page and some content. The question is what is the
> standard/best practice way to ensure that users aren't accessing parts
> of your site (via direct URL) without first going through the login
> screen?
>
> Also, how does one go about deleting or clearing session data once the
> user leaves the site without logging out first?
>
> Thanks!
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en
-~----------~----~----~----~------~----~------~--~---
