mod_wsgi authentication

60 views
Skip to first unread message

Andrey Kargashinskiy

unread,
Sep 1, 2010, 12:42:38 AM9/1/10
to mod...@googlegroups.com

Hi. Can anybody help me? I've got a script like this:

 

<form action="script.wsgi" method="POST">

<input name="login" type="text">

<input name="password" type="password">

<input type="submit" name="submit">

</form>

 

Can anybody write me easy script for user's authentication without frameworks, but with Apache/mod_wsgi and DBM file. I've seen http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms,

but i need an example.

 

Thanks.

Graham Dumpleton

unread,
Sep 1, 2010, 12:53:36 AM9/1/10
to mod...@googlegroups.com
If you are going to use a DBM file, why don't you just use Apache to
do it. It has a module for using a DBM file for HTTP authentication
mechanisms. See:

http://httpd.apache.org/docs/2.2/howto/auth.html
http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html
http://httpd.apache.org/docs/2.2/mod/mod_authn_dbm.html

In other words, sounds like you don't need to have authentication part
in WSGI code.

If what you are after is form/session based authentication rather than
HTTP basic authentication, then use a framework/toolkit that already
implements it. You shouldn't be trying to implement authentication
yourself unless you are experienced at web programming, else big risk
of getting it all wrong and having an insecure site.

For a simple micro framework, go look at Flask (flask.pocoo.org).

Graham

> --
> You received this message because you are subscribed to the Google Groups
> "modwsgi" group.
> To post to this group, send email to mod...@googlegroups.com.
> To unsubscribe from this group, send email to
> modwsgi+u...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/modwsgi?hl=en.
>

Andrey Kargashinskiy

unread,
Sep 1, 2010, 1:25:04 AM9/1/10
to mod...@googlegroups.com
Thanks much!
But if you will write about form/session based authentication with mod_wsgi, please, send me a link.

Andru

Graham Dumpleton

unread,
Sep 1, 2010, 1:29:47 AM9/1/10
to mod...@googlegroups.com
The mod_wsgi module is an implementation of the Python WSGI interface.
Other people have written about WSGI so you need to go find what they
have done. I don't tend to write generic documentation for WSGI. Start
here:

http://www.wsgi.org/wsgi/Learn_WSGI

I really can't overemphasise that you really should start with an
existing framework or toolkit.

If you don't like a framework dictating how to do things, then look at AuthKit.

http://authkit.org/

It implements all sorts of authentication for WSGI as components which
you can integrate into your own WSGI application.

Graham

Andrey Kargashinskiy

unread,
Sep 1, 2010, 1:38:29 AM9/1/10
to mod...@googlegroups.com
Thank you very much indeed!!!
Reply all
Reply to author
Forward
0 new messages