1

I'm looking at building a website using Web.py, and there is no built-in authentication system. Having read various things about authentication on websites, a common theme I keep hearing is "Don't roll your own, use someone else's." There are some examples of simple authentication on the site, like this one, but they all say at the bottom "Don't use this in production code."

So then, is there a generic authentication library for Python that I could use with Web.py? Or, is it really not that hard to roll my own?

Improve this question

2 Answers 2

Reset to default
1

If you can't find one easily, then probably discarding the advice and rolling your own is not a bad choice.

I don't think you'll find anything out of the box. The authentication system, is coupled with and dependent on the architecture (in your case probably it is Web only). Having said that it'll perhaps be easier to integrate django's authentication (django.contrib.auth) by putting some hooks here and there with web.py. Even then, it'll import a lot of django'ish ORM and other stuff behind the scene, but it is definitely possible.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Rolling out your own authentication system is not a very good idea. It's extremely difficult to get correct, unless you've spent a career studying web security.
1

Try repoze.who / what - it's implemented as WSGI middleware, so should fit into your stack well.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.