Custom authentication in Google App Engine

python authentication google-app-engine

Does anyone know or know of somewhere I can learn how to create a custom authentication process using Python and Google App Engine?

I don't want to use Google accounts for authentication and want to be able to create my own users.

If not specifically for Google App Engine, any resource on how to implement authentication using Python and Django?


Solution 1:

Well django 1.0 was updated today on Google AppEngine. But you can make user authentication like anything else you just can't really use sessions because it is so massive.

There is a session utility in http://gaeutilities.appspot.com/

http://gaeutilities.appspot.com/session

http://code.google.com/p/gaeutilities/

Or,

You have to create your own user tables and hash or encrypt passwords, then probably create a token system that mimics session with just a token hash or uuid cookie (sessions are just cookies anyways).

I have implemented a few with just basic google.webapp request and response headers. I typically use uuids for primary keys as the user id, then encrypt the user password and have their email for resets.

If you want to authorize users for external access to data you could look at OAuth for application access.

If you just want to store data by an id and it is more consumer facing, maybe just use openid like stackoverflow and then attach profile data to that identifier like django profiles (http://code.google.com/p/openid-selector/).

django 1.0 just came out today on GAE but I think the same problems exist, no sessions, you have to really create your own that store session data.

Solution 2:

This is a pretty out-of-the-box solution, and works pretty well: http://code.scotchmedia.com/engineauth/docs/index.html

It has built-in support for Facebook, Google+, Twitter, LinkedIn, GitHub and OpenId (via Google App Engine).

you just have to redirect the user to /auth/facebook or /auth/google and so on (this url is customizable).

It also implements two classes: User and UserProfile, every User is a unique account in your app and may relate to one or more UserProfiles -- which one is a login strategy that the unique User has to login into your app (if it's unclear, it's because my English is very bad, the docs explain better).

P.S.: The documentation is not very complete, but the code is pretty simple, short and self-explanatory. Also, there is a discussion here in which the author provides various answers to questions of confused and beggining users.

Solution 3:

The OpenID consumer (part of the excellent "app engine samples" open source project) currently works (despite the warnings in its README, which is old) and would let you use OpenID for your users' logins.

django's auth is also usable, via e.g. this project (at least the users part, not necessarily groups and permissions though they might get them working any time).

Solution 4:

I saw that this pops up in google, every time you search "Custom login in app engine" so I decided to give an answer that has been serving me. Here is sample application https://github.com/fredrikbonander/Webapp2-Sample-Applications

This uses

  1. webapp2 (already in GAE 1.6.2)
  2. Jinja2 (already in GAE 1.6.2)

Webapp2 seems to be the best bet for GAE (built on top of webapp hence future proof) so authentication using framework natively supported by GAE is a good idea. There are many other frameworks but a lot of hacking has to be done on the users part to make them work. For people who want to build a "Stable" site, such hack work is extremely undesirable.

I also realize that SQL support for GAE is there now and django will be supported natively. We all know django has built in user authentication system. Although, I think, especially in the cloud world NoSQL is the future. I am sure there will be a framework as good as django in the future for NoSQL. But thats me, your requirement might demand something else.

Solution 5:

Here is an excellent and relatively recent (Jan 2013) blog post titled User authentication with webapp2 on Google App Engine, and related GitHub repo: abahgat/webapp2-user-accounts.

Related

Call a Struct and its Method by name in Go?
Setting up a polymorphic has_many :through relationship
iPhone SDK Internet connection detection
Getting "A valid signing identity matching this profile could not be found in your keychain" warning
Log4j config - different logs to different files
Repository and Data Mapper pattern
How to know whether enough memory is free to deploy a new application on a Linux machine?
Create an icon/Shortcut in main menu
How to never update nvidia driver
Firefox became all blurry, white, and flickering
sudo: unable to resolve host {hostname}: Temporary failure in name resolution
Trying to upgrade from 18.04 to 20.04, “Your python3 install is corrupted”