I'm doing a very rich UI with authentication, but it's all custom. In my experience, while the *concept* of registration/user management/authentication is standard, the *implementation* always has some nuances. I suspect that's why there isn't a cookie-cutter authentication scheme out there. (Not to mention if there was one, and everyone loved it and used it, it would be far less secure.)
I do the basics from the docs page here: http://webpy.org/docs/0.3/sessions I then extended that with my specific database stuff for logging in, checking password, etc. For ensuring a user remains authenticated, I put the user_id in the session. I use an auth handler that fires on every request - and throws you back to the login page if your cookie ever goes away. (/bypass is an example of a url that *is* allowed, even without an authenticated session. Be aware, it appears /static is exempt by default, so don't put anything secret in there.) def auth_app_processor(handle): path = web.ctx.path if path == "/bypass": return handle() if path != "/login" and not session.get('user', False): raise web.seeother('/login?msg=' + urllib.quote_plus("Session expired.")) return handle() Just banged this out while eating lunch. Hope it helps. NSC On Tue, May 15, 2012 at 12:52 PM, Bill Seitz <[email protected]> wrote: > Is there no "standard" library for web.py for providing register/login/ > etc.? > > The docs page doesn't have much: http://webpy.org/cookbook/userauth > > I found this nice-looking jpscaletti library, but it wouldn't work for > me, and the only reference to it in this group was from someone else > who hit the same wall with no resolution. > http://jpscaletti.com/webpy_auth/ > > Is nobody building user UI with web.py, or is just nobody sharing the > code? > > -- > You received this message because you are subscribed to the Google Groups > "web.py" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/webpy?hl=en. > > -- You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/webpy?hl=en.
