Nick, I think you're overestimating the proverbial "average user". In fact, in user testing our own application, users are almost unanimously tripped up when they are redirected to Google to login. We frequently *heard* the user say this:
"Okay, now I click here to login and... oh... why am I asked to login to Google?" I'm just pointing this out so that we don't all get stuck in a belief set that may not be accurate. Personally, I think Google needs to come up with an API (whether it be javascript or otherwise) for AppEngine apps to authenticate users more naturally. It's very jarring and, dare I say, short sited to force all users of all apps away from an application to an unbranded login screen. - ryan. On Wed, Nov 4, 2009 at 2:40 AM, Nick Johnson (Google) < [email protected]> wrote: > Hi, > > Framing the login page is strongly discouraged, and may in fact be contrary > to the TOS. The only way for the user to determine that a login page for a > Google account is legitimate is to check if it's being served off the > google.com domain, and this is not possible inside a frame. > > -Nick Johnson > > > On Mon, Nov 2, 2009 at 10:36 PM, reyelts <[email protected]> wrote: > >> >> I apologize if I'm posting to the wrong place, I don't know if this is >> a basic HTML question, a Python question, a GAE question, or some >> combination of the set... >> >> Since we can't have much impact on the use login window for Google App >> Engine (ie to change the language or add an image), I'm looking at >> embedding the login page, like so: >> >> from google.appengine.ext import webapp >> from google.appengine.api import users >> >> class main(webapp.RequestHandler): >> def get(self): >> user = users.get_current_user() >> >> if user == None: >> self.response.out.write('<html>\n<body>\n') >> self.response.out.write('<p>My intro text</p>\n') >> self.response.out.write('<hr>\n') >> self.response.out.write('<object\n') >> self.response.out.write(' data="' + users.create_login_url >> (self.request.uri) + '"\n') >> self.response.out.write(' type="text/html"\n') >> self.response.out.write(' width=100% height=50%>\n') >> self.response.out.write('</object>') >> self.response.out.write('<hr>\n') >> self.response.out.write('</body>\n</html>\n') >> else: >> self.response.out.write('<html>\n<body>\n') >> self.response.out.write('<p>' + user.nickname() + 'is logged >> in!</p>\n') >> self.response.out.write('</body>\n</html>\n') >> >> This works fine: I get "My intro text" at the top of the window >> followed by a pane with the login. However, when I login, the result >> ("user is logged in") is written to the pane where the login occurred, >> vs. replacing the whole window. I tried this with the older <iframe>, >> and get the same result. >> >> Is there a way to re-take over the complete window (ie make the frame >> I created go away) on the redirect? >> >> >> >> > > > -- > Nick Johnson, Developer Programs Engineer, App Engine > Google Ireland Ltd. :: Registered in Dublin, Ireland, Registration Number: > 368047 > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
