RPX, OpenID - How to write a proper SignIn Handler for AppEngine
I've spent days searching the web and I'm drawing a blank - I'm new to Python too! I simply want to integrate RPX (Janrain) into App Engine - there is loads of code for the script inserts and the return of the OpenID token - that's all great - but other than that no one seems to take it any further, as in actually creating an OpenID login that works - why? I assume no session management?
Here is a simple class handler that gets the token for the OpenID and then makes a fetch to grab the user's profile. All very simple using RPX.
    import logging
    import urllib

    from django.utils import simplejson
    from google.appengine.api import urlfetch
    from google.appengine.ext import webapp

    # simple handler to get the response from RPX
    class RPXHandler(webapp.RequestHandler):
        def get(self):
            token = self.request.get('token')
            url = 'https://rpxnow.com/api/v2/auth_info'
            args = {
                'format': 'json',
                'apiKey': '#YOUR KEY#',
                'token': token
            }
            # exchange the one-time token for the user's profile
            r = urlfetch.fetch(url=url,
                               payload=urllib.urlencode(args),
                               method=urlfetch.POST,
                               headers={'Content-Type': 'application/x-www-form-urlencoded'}
                               )
            json = simplejson.loads(r.content)
            logging.info(json)
            if json['stat'] == 'ok':
                unique_identifier = json['profile']['identifier']
                # not every provider returns these two fields
                nickname = json['profile'].get('preferredUsername')
                email = json['profile'].get('email')
                # log the user in using the unique_identifier
                # this should use the cookies or session you already have implemented
                self.redirect('static/loggedin.html')
            else:
                self.redirect('static/error.html')
Now, here is where the problem starts - ideally we could be lazy and just log them into Google accounts - but there is no method to log a user in, i.e.:
    user.login(email)
So that abandons any hope of using Google accounts - and to be fair, if we have OpenID - why bother!
SO...
What I need is my own user datastore - that's simple - and some means of identifying if the user is logged in - sessions? But in App Engine there is no support for sessions.
I have found a few class libraries which say they deal with this, but it all looks badly documented and without good code examples.
Can anyone help?
GAE gives you access to a database, right? Generate a secure token and store it with the user URL returned by RPX in the database. Set the secure token as a cookie so that you get it on every request - look the token up in the database and then do the rest from there.
While I'm worried about performance, it actually works pretty well for me.
There is a GAE recipe that should help:
http://appengine-cookbook.appspot.com/recipe/accept-google-aol-yahoo-myspace-facebook-and-openid-logins/
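The token-in-database approach suggested in the first answer, as an added sketch that is not part of the original posts and not App Engine or RPX code. It is plain Python with a dict standing in for the datastore; `SessionStore`, `set_cookie_header`, the cookie name and the two-week lifetime are hypothetical choices made for this example.

```python
import hashlib
import secrets
import time

SESSION_TTL = 14 * 24 * 3600  # assumed lifetime (two weeks), not from the page
COOKIE_NAME = "sid"           # hypothetical cookie name


class SessionStore:
    """Maps hashed session tokens to the identifier RPX returned.

    self._rows is a dict standing in for a datastore kind keyed by token hash.
    """

    def __init__(self, now=time.time):
        self._rows = {}
        self._now = now  # injectable clock so expiry can be tested

    @staticmethod
    def _key(token):
        # Store only a hash: a dumped table cannot be replayed as cookies.
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def create(self, identifier):
        """Call once auth_info returned stat == 'ok'; returns the cookie value."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._rows[self._key(token)] = (identifier, self._now() + SESSION_TTL)
        return token

    def lookup(self, token):
        """Return the identifier for a cookie value, or None if unknown or expired."""
        row = self._rows.get(self._key(token)) if token else None
        if row is None:
            return None
        identifier, expires = row
        if self._now() >= expires:
            self.destroy(token)  # expired: drop the row
            return None
        return identifier

    def destroy(self, token):
        """Log out: forget the token server-side."""
        self._rows.pop(self._key(token), None)


def set_cookie_header(token):
    # HttpOnly hides the cookie from scripts; Secure keeps it off plain HTTP.
    return "%s=%s; Path=/; Max-Age=%d; HttpOnly; Secure; SameSite=Lax" % (
        COOKIE_NAME, token, SESSION_TTL)
```

In the handler above, `create(unique_identifier)` would run in the `stat == 'ok'` branch and its return value would be sent with `set_cookie_header`; every later request calls `lookup` on the cookie value and treats `None` as not logged in.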