How to retrict access to myapplication.appspot.com - google app engine?

For a google app engine application, I would like to retrict access to myself to my website http://myapplication.appspot.com but at the same time let my android phone app users access it. My android phone app use GetValue and StoreValue command from a custom TinyWebdB component from google app inventor to my appspot database.

My appspot.com page is written with Python (file main.py).

What instruction should I add to the app.yam开发者_开发技巧l and main.py files ?

In your mobile app you should put something unique into the headers sent, or the user-agent string. Then in your python code could you could check for the presence of that value to decide if the visitor is allowed or forbidden (return status code 403).

To allow yourself to view the app you should check to see if the current user is an admin user.

Sortacode example:

from google.appengine.api import users

allowed = False

if unique_value_in_request():
    allowed = True

user = users.get_current_user()
if user and users.is_current_user_admin():
    allowed = True

if not allowed:
    # return 403 status

# do normal stuff