Custom authentication in Google App Engine

Question

Does anyone know or know of somewhere I can learn how to create a custom authentication process using Python and Google App Engine?

I don\'t want to use Google accou

Answer 1

I saw that this pops up in google, every time you search "Custom login in app engine" so I decided to give an answer that has been serving me. Here is sample application https://github.com/fredrikbonander/Webapp2-Sample-Applications

This uses

1. webapp2 (already in GAE 1.6.2)
2. Jinja2 (already in GAE 1.6.2)

Webapp2 seems to be the best bet for GAE (built on top of webapp hence future proof) so authentication using framework natively supported by GAE is a good idea. There are many other frameworks but a lot of hacking has to be done on the users part to make them work. For people who want to build a "Stable" site, such hack work is extremely undesirable.

I also realize that SQL support for GAE is there now and django will be supported natively. We all know django has built in user authentication system. Although, I think, especially in the cloud world NoSQL is the future. I am sure there will be a framework as good as django in the future for NoSQL. But thats me, your requirement might demand something else.

Answer 2

Have a look app-engine-patch for Django (your preferred framework I assume from your question). It offers authentication on gae.

Alternatively, take a look at web2py. It's a Python-based framework that works on GAE and Relational databases. It's built-in Auth object provides for users, groups and permissions.

It doesn't give unbridled access to BigTable though, instead offering a subset of relational functionality (BigTable doesn't support Joins for example and web2py doesn't [yet] support BigTable models).

Support for BigTable is being discussed by both Web2py and Django communities.

Answer 3

I googled around for a custom authenication system for app engine for a while. I eventually settled for running flask on app engine. I used this boilerplate for running flask on app engine https://github.com/kamalgill/flask-appengine-template/ and this flask auth extension http://pypi.python.org/pypi/Flask-Auth/ which comes with plug and play google app engine support. I think flask also has a very nice oAuth library so eventually adding facebook and twitter logins will be easy

Answer 4

Well django 1.0 was updated today on Google AppEngine. But you can make user authentication like anything else you just can't really use sessions because it is so massive.

There is a session utility in http://gaeutilities.appspot.com/

http://gaeutilities.appspot.com/session

http://code.google.com/p/gaeutilities/

Or,

You have to create your own user tables and hash or encrypt passwords, then probably create a token system that mimics session with just a token hash or uuid cookie (sessions are just cookies anyways).

I have implemented a few with just basic google.webapp request and response headers. I typically use uuids for primary keys as the user id, then encrypt the user password and have their email for resets.

If you want to authorize users for external access to data you could look at OAuth for application access.

If you just want to store data by an id and it is more consumer facing, maybe just use openid like stackoverflow and then attach profile data to that identifier like django profiles (http://code.google.com/p/openid-selector/).

django 1.0 just came out today on GAE but I think the same problems exist, no sessions, you have to really create your own that store session data.