On Tue, Feb 3, 2009 at 12:17 PM, Jason C <[email protected]> wrote:
>
> We use Google Accounts for our application, which is a Django(trunk) /
> app-engine-helper application.
>
> Normally, on our views, we can just use
>
>  @require_login
>
> decorator, and everything works out.
>
> However, in some cases, we are not able to pass the cookie that makes
> this stuff work out well.
>
> Is there a mechanism that we can use the ACSID ticket value and
> validate that it is a valid login?
>
> Imagine that we pass the ACSID value as a request param and hit an
> undecorated view like this:
>
>  def my_view(request, ascid):
>    auth.validate_ticket(ascid)  # does some programmatic call like this exist
>
> Is there some way to programmatically validate the auth token for a
> Google Account?

Hi Jason,

We do not provide a mechanism to independently validate or decode the
ACSID cookie at this time. Currently this is done transparently to
application code; we read the cookie and set environment variables to
match the currently logged in user. I can understand your needs here,
though, given that bug in Flash that you mentioned.

I think the simplest way to deal with this is to store the mapping
from ACSID to user info in the Datastore and issue your own temporary
auth token. You would declare a new model:

class TemporaryToken(db.Model):
  acsid_hash = db.StringProperty()
  acsid_cookie = db.TextProperty()
  creation_time = db.DateTimeProperty(auto_now=True)
  user = db.UserProperty()

When the user first logs in, do something like:

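import hashlib

# acsid_cookie holds the raw ACSID cookie value read from the request
acsid_hash = hashlib.sha1(acsid_cookie).hexdigest()
token = TemporaryToken(
    key_name=acsid_hash,
    acsid_hash=acsid_hash,
    acsid_cookie=acsid_cookie,
    user=users.get_current_user())
token.put()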

The token will be the sha1 hash of the ACSID cookie. You can then
easily get the user with this get() request:

TemporaryToken.get_by_key_name(token).user


Hope that helps!

-Brett
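
The token scheme described above, as an added example that is not part of Brett's message or of App Engine's own code: the lookup also enforces a lifetime using the stored creation time and supports revocation. The in-memory dict standing in for the Datastore, the 15-minute TTL, the function names, and keeping only the hash rather than the cookie itself are assumptions of this sketch.

```python
import hashlib
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime; the thread does not give one

# In-memory stand-in for TemporaryToken entities, keyed by key_name (assumption).
_tokens = {}


def issue_token(acsid_cookie, user, now=None):
    """Record the cookie-hash -> user mapping and return the token to hand out."""
    token = hashlib.sha1(acsid_cookie.encode("utf-8")).hexdigest()
    _tokens[token] = {
        "user": user,
        "creation_time": time.time() if now is None else now,
    }
    return token


def user_for_token(token, now=None):
    """Return the user for a live token; None if malformed, unknown or expired."""
    if not isinstance(token, str) or len(token) != 40:
        return None
    entry = _tokens.get(token)
    if entry is None:
        return None
    now = time.time() if now is None else now
    if now - entry["creation_time"] > TOKEN_TTL_SECONDS:
        _tokens.pop(token, None)  # expired: delete so it cannot be replayed
        return None
    return entry["user"]


def revoke_tokens_for(user):
    """Drop every token issued to `user`, for example when they log out."""
    for token in [t for t, e in _tokens.items() if e["user"] == user]:
        del _tokens[token]


if __name__ == "__main__":
    cookie = "constructed-sample-cookie-value"  # constructed, not a real ACSID
    tok = issue_token(cookie, "jason@example.com", now=1000.0)
    print(user_for_token(tok, now=1000.0 + 60))
    print(user_for_token(tok, now=1000.0 + TOKEN_TTL_SECONDS + 1))
```

Because the token arrives as a request parameter, it can end up in access logs and Referer headers, which is why the lookup treats it as short-lived and removes it once expired.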
