.. _auth.i18n:

Authentication with webapp2
===========================

Login with forms
----------------

Login with sessions
-------------------

Login with tokens
-----------------


Custom User model
-----------------

:mod:`webapp2_extras.appengine.auth.models` provides a default ``User`` model
to be used on App Engine, but it can be replaced by any custom model that
implements the required interface. This means that :mod:`webapp2_extras.auth`
can be used with any model you wish -- even non-App Engine models which use,
let's say, ``SQLAlchemy`` or other abstraction layers.

The required interface that a custom user model must implement consists of
only five methods::

    class User(object):

        def get_id(self):
            """Returns this user's unique ID, which can be an integer or string."""

        @classmethod
        def get_by_auth_token(cls, user_id, token):
            """Returns a user object based on a user ID and token.

            :param user_id:
                The user_id of the requesting user.
            :param token:
                The token string to be verified.
            :returns:
                A tuple ``(User, timestamp)``, with a user object and
                the token timestamp, or ``(None, None)`` if both were not found.
            """

        @classmethod
        def get_by_auth_password(cls, auth_id, password):
            """Returns a user object, validating password.

            :param auth_id:
                Authentication id.
            :param password:
                Password to be checked.
            :returns:
                A user object, if found and password matches.
            :raises:
                ``auth.InvalidAuthIdError`` or ``auth.InvalidPasswordError``.
            """

        @classmethod
        def create_auth_token(cls, user_id):
            """Creates a new authorization token for a given user ID.

            :param user_id:
                User unique ID.
            :returns:
                A string with the authorization token.
            """

        @classmethod
        def delete_auth_token(cls, user_id, token):
            """Deletes a given authorization token.

            :param user_id:
                User unique ID.
            :param token:
                A string with the authorization token.
            """

Additionally, all values configured for ``user_attributes``, if any, must
be provided by the user object as attributes. These values are stored in the
session, providing a nice way to cache commonly used user information.
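
The five-method interface above, implemented against an in-memory store. This is an added example, not code from webapp2 or its documentation. Assumptions: Python 3, the ``_users`` and ``_tokens`` dictionaries stand in for a real datastore, the two exception classes are local stand-ins for the ``auth`` ones named in the docstring, and the PBKDF2 iteration count is a value chosen for the example.

```python
import hashlib, hmac, os, secrets, time

# Stand-ins for auth.InvalidAuthIdError / auth.InvalidPasswordError (webapp2 not needed).
class InvalidAuthIdError(Exception): pass
class InvalidPasswordError(Exception): pass

def _pw_hash(password, salt):  # salted, slow hash; the password itself is never stored
    return hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 200000)

class User(object):
    _users = {}   # auth_id -> User; in-memory stand-in for a real datastore
    _tokens = {}  # (user_id, sha256(token)) -> timestamp; raw tokens are never stored

    def __init__(self, user_id, auth_id, password):
        self.user_id, self.auth_id, self.salt = user_id, auth_id, os.urandom(16)
        self.password_hash = _pw_hash(password, self.salt)
        User._users[auth_id] = self

    def get_id(self):
        return self.user_id

    @staticmethod
    def _key(user_id, token):
        # Binding the digest to the user ID makes a token useless for any other user.
        return (user_id, hashlib.sha256(token.encode('utf-8')).hexdigest())

    @classmethod
    def create_auth_token(cls, user_id):
        token = secrets.token_urlsafe(32)  # unguessable, from the OS CSPRNG
        cls._tokens[cls._key(user_id, token)] = int(time.time())
        return token

    @classmethod
    def delete_auth_token(cls, user_id, token):
        cls._tokens.pop(cls._key(user_id, token), None)

    @classmethod
    def get_by_auth_token(cls, user_id, token):
        timestamp = cls._tokens.get(cls._key(user_id, token))
        user = next((u for u in cls._users.values() if u.user_id == user_id), None)
        return (user, timestamp) if user and timestamp is not None else (None, None)

    @classmethod
    def get_by_auth_password(cls, auth_id, password):
        user = cls._users.get(auth_id)
        if user is None:
            raise InvalidAuthIdError(auth_id)
        if not hmac.compare_digest(user.password_hash, _pw_hash(password, user.salt)):
            raise InvalidPasswordError()
        return user
```

Any name listed in ``user_attributes`` (``auth_id`` here, for instance) has to exist as an attribute on the instance, and because those values are copied into the session, the password hash and salt should never be among them.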