Google App Engine的简单用户管理示例？

Question

我是Google App Engine的新手.在我阅读教程时,我发现我们在php-mysql中做的一些事情在GAE中不可用.例如,在dataStore中,自动增量功能不可用.此外,我对GAE中的会话管理感到困惑.总之,我很困惑,无法想象整个事情.

请告诉我一个简单的用户管理系统,包括用户注册,用户登录,用户注销,会话(创建,管理,销毁)和数据存储.另外请告诉我哪里可以得到简单但有效的例子.

提前致谢.

Answer 1

我倾向于使用自己的用户和会话管理

对于我的Web处理程序,我将附加一个名为的装饰器session和一个名为的装饰器authorize.该session装饰将在一个会话连接到每一个请求,authorize装饰将确保用户被授权.

(请注意,授权装饰器特定于我如何开发我的应用程序 - 用户名是大多数请求中的第一个参数).

例如,Web处理程序可能如下所示:

class UserProfile(webapp.RequestHandler):
  @session
  @authorize
  def get(self, user):
     # Do some funky stuff
     # The session is attached to the self object.
     someObjectAttachedToSession = self.SessionObj.SomeStuff
     self.response.out.write("hello %s" % user)

在上面的代码中,session装饰器根据请求中存在的cookie附加了我需要的一些会话内容.该authorize头将确保如果会话是正确的用户只能访问页面.

装饰器代码如下:

import functools
from model import Session
import logging

def authorize(redirectTo = "/"):
    def factory(method):
        'Ensures that when an auth cookie is presented to the request that is is valid'
        @functools.wraps(method)
        def wrapper(self, *args, **kwargs):

            #Get the session parameters
            auth_id = self.request.cookies.get('auth_id', '')
            session_id = self.request.cookies.get('session_id', '')

            #Check the db for the session
            session = Session.GetSession(session_id, auth_id)           

            if session is None:
                self.redirect(redirectTo)
                return
            else:
                if session.settings is None:
                    self.redirect(redirectTo)
                    return

                username = session.settings.key().name()

                if len(args) > 0:               
                    if username != args[0]:
                        # The user is allowed to view this page.
                        self.redirect(redirectTo)
                        return

            result = method(self, *args, **kwargs)

            return result
        return wrapper
    return factory

def session(method):
    'Ensures that the sessions object (if it exists) is attached to the request.'
    @functools.wraps(method)
    def wrapper(self, *args, **kwargs):

        #Get the session parameters
        auth_id = self.request.cookies.get('auth_id', '')
        session_id = self.request.cookies.get('session_id', '')

        #Check the db for the session
        session = Session.GetSession(session_id, auth_id)           

        if session is None:
            session = Session()
            session.session_id = Session.MakeId()
            session.auth_token = Session.MakeId()
            session.put()

        # Attach the session to the method
        self.SessionObj = session           

        #Call the handler.          
        result = method(self, *args, **kwargs)

        self.response.headers.add_header('Set-Cookie', 'auth_id=%s; path=/; HttpOnly' % str(session.auth_token))
        self.response.headers.add_header('Set-Cookie', 'session_id=%s; path=/; HttpOnly' % str(session.session_id))

        return result
    return wrapper

def redirect(method, redirect = "/user/"):
    'When a known user is logged in redirect them to their home page'
    @functools.wraps(method)
    def wrapper(self, *args, **kwargs):
        try:    
            if self.SessionObj is not None:
                if self.SessionObj.settings is not None:
                    # Check that the session is correct
                    username = self.SessionObj.settings.key().name()

                    self.redirect(redirect + username)
                    return
        except:
            pass
        return method(self, *args, **kwargs)
    return wrapper

Answer 2

Django是你最好的选择 - 根据我指出的版本,auth和会话应该根据Django文档"正常工作". 本文提供了简单的说明以及如何从那里开始的示例.

对于Django会话,请参阅此处 ; 对于Django auth,在这里.