开发者

How to protect a Google App Engine app with a password?

问答 作者:

How would you implement simple password protection on a Google App Engine application? No users authentication, just simple requirement to enter a password in order to open specific page. The other requirement is that the target page should not be displayed if its URL is entered directly.

开发者_开发技巧

I'm looking for a solution using Python.

If you're protecting a single page and need no session persistence.

class MainPage(webapp.RequestHandler):
    def post(self):
        if self.request.get('user') == 'admin' and self.request.get('pass') == 'soopersecure':
            self.response.out.write('authorized');
        else:
            self.response.out.write("""
<form method="post">
<input type="text" name="user"/>
<input type="password" name="pass"/>
<input type="submit" value="login"/>
</form>""")

Otherwise you could hash the username + salt and hand it to user as a session ID in a cookie and store that session ID into the datastore. Much simpler to use Google accounts though.

http://code.google.com/appengine/docs/python/gettingstarted/usingusers.html

If you want to restrict access for the entire app, use URL handler with "login" setting

Check - User and Administrator Login

继续阅读:google-app-enginepasswordssecurity

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9