You don't have to use Django authentication to protect a page with an admin login. You can still do this with app.yaml. This does mean you're specifying URLs in both app.yaml and urls.py but it does work rather well:
For example, in my urls.py I have:
urlpatterns = patterns('views',
(r'^$','home'),
(r'^gallery/$','home'),
(r'^admin/$','admin'),
(r'^contact/$','contact'),
(r'^contact/sent/$','contact_sent'),
(r'^admin/init/$','initialise'),
(r'^admin/refresh/$','flush'),
...etc - lots more views
And in my app.yaml I have:
handlers:
- url: /static
static_dir: static
- url: /admin/.*
script: main.py
login: admin
- url: /.*
script: main.py
So all my URLs for dynamic pages are still handled by Django, but any ones starting /admin/... require an admin login first.
Regards,
Dave.