开发者

How does Google App Engine User Service work internally?

问答 作者:

I'm just curious about how Google app engine's user service works. The way I understand it, the user logged in state开发者_如何学C is stored in the cookie. To get the cookie, one has to have a http servlet request object (for java servlet at least). But the user service api doesn't require any http servlet request as input, so how does it get the cookie to check the whether the user is logged in or not?

Tim

During requests, user setup is handled by Google's servlet implementation.

[I]f the user is signed in and get the user's email address or OpenID identifier using the standard servlet API, with the request object's getUserPrincipal() method.

During the login process, the service works using redirects, similar to OpenID or OAuth. Take a look a the URLs throughout the login process.

  1. Users are redirected to a URL, which is handled by App Engine, on your app, something like:

    http://app.appspot.com/_ah/login?continue=http://app.appspot.com/dosomething

  2. The login handler redirects to the Google login service, something like:

    https://www.google.com/accounts/ServiceLogin?service=ah&continue=http://app.appspot.com/_ah/login%3Fcontinue%3Dhttp://app.appspot.com/dosomething&ltmpl=gm&ahname=Your+App+Name&sig=hf3322hdsk98fd8fh3u29hfh24as

  3. You login, then Google redirects you back to the app engine login handler:

    http://app.appspot.com/_ah/login?continue=http://app.appspot.com/dosomething

    When Google redirects, some query parameters will be passed to the App Engine login handler, and the built-in login handler will set the cookie.

  4. You are then redirected to the URL you specified, or where you 'started' from. Something like:

    http://app.appspot.com/dosomething

What about the in the subsequent calls? For example (continuing from your point 4)

  1. User calls the servlet http://app.appspot.com/dosomethingelse

In the servlet dosoemthingelse, I can again call UserService like this

UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
String userId = user.getUserId();

How does this userService instance gets the cookie to know who is the currently logged in user?

继续阅读:authenticationgoogle-app-engine

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9