开发者

Using GAE users service - can't get "sign-in as a different user"

问答 作者:

I'm using the GAE users service for login/logout mechanism, with create_login_url, etc, and it all works fine. BTW, I use the federated OpenID option.

But I have one problem - since the users service checks with user=users.get_current_user() then if a user is logged in to his gmail, it automatically logs him into my service. This is OK, but what if a different user wants to login? how can I redirect the user to a page such as the "sign i开发者_高级运维n as a different user"?

I tried to remove the cookie I'm creating, and it gets removed:

  if not (self.request.cookies.has_key('ACSID')):
        logging.debug('no cookies')
        self.redirect(users.create_login_url(self.request.uri))
        return

then I see the log for "no cookies", but the next thing happens is that it logs the user in, without putting him on the "google accounts" login page... So the user never have the opportunity to login as a different user.

Any idea?

Best I can think of is; you could try showing a link to /_ah/login_required which will trigger the OpenID signin page and (hopefully) also contain a "sign in as someone else" button.

This doesn't fully solve the issue, as the problem is complicated by multiple openid providers.

It's not possible to force someone to sign out of their provider's site AFAIK.

Full example of creating the login/this-is-not-me page:

Add a login path to your app.yaml

- url: /_ah/login_required
  script: app.py

Create an OpenID login handler to create a relevent login url

class OpenIDHandler(webapp.RequestHandler):
    def get(self):
        """Begins the OpenID flow/Google Apps discovery"""
        self.redirect(users.create_login_url(
            dest_url='http://yourappid.appspot.com',
            _auth_domain=None,
            federated_identity=self.request.get('domain')))

Add an OpenID handler to your wgsi app (probably main.py):

def main():
    ROUTES = [
        ('/_ah/login_required',      handlers.OpenIDHandler),
    ]
    application = webapp.WSGIApplication(ROUTES, debug=True)
    util.run_wsgi_app(application)
if __name__ == '__main__':
  main()

Now you can visit /_ah/login_required whenever you want someone to be prompted with the login (or 'this is not me' page)

继续阅读:cookiesdjangogoogle-app-engineopenid

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9