I am newbie in Google App Engine. While I was going through the tutorial, I found several things that we do in php-mysql is not available in GAE. For example in dataStore auto increment feature is not available. Also I am confused about session management in GAE. Over all I am confused and can not visualize the whole thing.
我是Google App Engine的新手。在我阅读教程时,我发现我们在php-mysql中做的一些事情在GAE中是不可用的。例如,在dataStore中,自动增量功能不可用。此外,我对GAE中的会话管理感到困惑。总之,我很困惑,无法想象整个事情。
Please advise me a simple user management system with user registration, user login, user logout, session (create,manage,destroy) with data Store. Also please advise me where I can get simple but effective examples.
请告诉我一个简单的用户管理系统,包括用户注册,用户登录,用户注销,会话(创建,管理,销毁)和数据存储。另外请告诉我哪里可以得到简单但有效的例子。
Thanks in advance.
提前致谢。
3 个解决方案
#1
22
I tend to use my own user and session manangement
我倾向于使用自己的用户和会话管理
For my web handlers I will attach a decorator called session and one called authorize. The session decorator will attach a session to every request, and the authorize decorator will make sure that the user is authorised.
对于我的Web处理程序,我将附加一个名为session的装饰器和一个名为authorize的装饰器。会话装饰器将会话附加到每个请求,授权装饰器将确保用户被授权。
(A word of caution, the authorize decorator is specific to how I develop my applications - the username being the first parameter in most requests).
(请注意,授权装饰器特定于我如何开发我的应用程序 - 用户名是大多数请求中的第一个参数)。
So for example a web handler may look like:
例如,Web处理程序可能如下所示:
class UserProfile(webapp.RequestHandler):
@session
@authorize
def get(self, user):
# Do some funky stuff
# The session is attached to the self object.
someObjectAttachedToSession = self.SessionObj.SomeStuff
self.response.out.write("hello %s" % user)
In the above code, the session decorator attaches some session stuff that I need based on the cookies that are present on the request. The authorize header will make sure that the user can only access the page if the session is the correct one.
在上面的代码中,会话装饰器根据请求中存在的cookie附加了我需要的一些会话内容。授权标头将确保用户只有在会话正确的情况下才能访问该页面。
The decorators code are below:
装饰器代码如下:
import functools
from model import Session
import logging
def authorize(redirectTo = "/"):
def factory(method):
'Ensures that when an auth cookie is presented to the request that is is valid'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
#Get the session parameters
auth_id = self.request.cookies.get('auth_id', '')
session_id = self.request.cookies.get('session_id', '')
#Check the db for the session
session = Session.GetSession(session_id, auth_id)
if session is None:
self.redirect(redirectTo)
return
else:
if session.settings is None:
self.redirect(redirectTo)
return
username = session.settings.key().name()
if len(args) > 0:
if username != args[0]:
# The user is allowed to view this page.
self.redirect(redirectTo)
return
result = method(self, *args, **kwargs)
return result
return wrapper
return factory
def session(method):
'Ensures that the sessions object (if it exists) is attached to the request.'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
#Get the session parameters
auth_id = self.request.cookies.get('auth_id', '')
session_id = self.request.cookies.get('session_id', '')
#Check the db for the session
session = Session.GetSession(session_id, auth_id)
if session is None:
session = Session()
session.session_id = Session.MakeId()
session.auth_token = Session.MakeId()
session.put()
# Attach the session to the method
self.SessionObj = session
#Call the handler.
result = method(self, *args, **kwargs)
self.response.headers.add_header('Set-Cookie', 'auth_id=%s; path=/; HttpOnly' % str(session.auth_token))
self.response.headers.add_header('Set-Cookie', 'session_id=%s; path=/; HttpOnly' % str(session.session_id))
return result
return wrapper
def redirect(method, redirect = "/user/"):
'When a known user is logged in redirect them to their home page'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
try:
if self.SessionObj is not None:
if self.SessionObj.settings is not None:
# Check that the session is correct
username = self.SessionObj.settings.key().name()
self.redirect(redirect + username)
return
except:
pass
return method(self, *args, **kwargs)
return wrapper
#2
6
Django is your best bet -- with the version I pointed you to, auth and sessions should both "just work" as per the Django docs. this article gives simple instructions and example of how to proceed from there.
Django是你最好的选择 - 根据我指出的版本,auth和会话应该根据Django文档“正常工作”。本文提供了简单的说明和如何从那里开始的示例。
For Django sessions, see here; for Django auth, here.
对于Django会话,请参阅此处;对于Django auth,在这里。
#3
1
You don't write user management and registration and all that, because you use Google's own authentication services. This is all included in the App Engine documentation.
您不会编写用户管理和注册以及所有这些,因为您使用Google自己的身份验证服务。这些都包含在App Engine文档中。
#1
22
I tend to use my own user and session manangement
我倾向于使用自己的用户和会话管理
For my web handlers I will attach a decorator called session and one called authorize. The session decorator will attach a session to every request, and the authorize decorator will make sure that the user is authorised.
对于我的Web处理程序,我将附加一个名为session的装饰器和一个名为authorize的装饰器。会话装饰器将会话附加到每个请求,授权装饰器将确保用户被授权。
(A word of caution, the authorize decorator is specific to how I develop my applications - the username being the first parameter in most requests).
(请注意,授权装饰器特定于我如何开发我的应用程序 - 用户名是大多数请求中的第一个参数)。
So for example a web handler may look like:
例如,Web处理程序可能如下所示:
class UserProfile(webapp.RequestHandler):
@session
@authorize
def get(self, user):
# Do some funky stuff
# The session is attached to the self object.
someObjectAttachedToSession = self.SessionObj.SomeStuff
self.response.out.write("hello %s" % user)
In the above code, the session decorator attaches some session stuff that I need based on the cookies that are present on the request. The authorize header will make sure that the user can only access the page if the session is the correct one.
在上面的代码中,会话装饰器根据请求中存在的cookie附加了我需要的一些会话内容。授权标头将确保用户只有在会话正确的情况下才能访问该页面。
The decorators code are below:
装饰器代码如下:
import functools
from model import Session
import logging
def authorize(redirectTo = "/"):
def factory(method):
'Ensures that when an auth cookie is presented to the request that is is valid'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
#Get the session parameters
auth_id = self.request.cookies.get('auth_id', '')
session_id = self.request.cookies.get('session_id', '')
#Check the db for the session
session = Session.GetSession(session_id, auth_id)
if session is None:
self.redirect(redirectTo)
return
else:
if session.settings is None:
self.redirect(redirectTo)
return
username = session.settings.key().name()
if len(args) > 0:
if username != args[0]:
# The user is allowed to view this page.
self.redirect(redirectTo)
return
result = method(self, *args, **kwargs)
return result
return wrapper
return factory
def session(method):
'Ensures that the sessions object (if it exists) is attached to the request.'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
#Get the session parameters
auth_id = self.request.cookies.get('auth_id', '')
session_id = self.request.cookies.get('session_id', '')
#Check the db for the session
session = Session.GetSession(session_id, auth_id)
if session is None:
session = Session()
session.session_id = Session.MakeId()
session.auth_token = Session.MakeId()
session.put()
# Attach the session to the method
self.SessionObj = session
#Call the handler.
result = method(self, *args, **kwargs)
self.response.headers.add_header('Set-Cookie', 'auth_id=%s; path=/; HttpOnly' % str(session.auth_token))
self.response.headers.add_header('Set-Cookie', 'session_id=%s; path=/; HttpOnly' % str(session.session_id))
return result
return wrapper
def redirect(method, redirect = "/user/"):
'When a known user is logged in redirect them to their home page'
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
try:
if self.SessionObj is not None:
if self.SessionObj.settings is not None:
# Check that the session is correct
username = self.SessionObj.settings.key().name()
self.redirect(redirect + username)
return
except:
pass
return method(self, *args, **kwargs)
return wrapper
#2
6
Django is your best bet -- with the version I pointed you to, auth and sessions should both "just work" as per the Django docs. this article gives simple instructions and example of how to proceed from there.
Django是你最好的选择 - 根据我指出的版本,auth和会话应该根据Django文档“正常工作”。本文提供了简单的说明和如何从那里开始的示例。
For Django sessions, see here; for Django auth, here.
对于Django会话,请参阅此处;对于Django auth,在这里。
#3
1
You don't write user management and registration and all that, because you use Google's own authentication services. This is all included in the App Engine documentation.
您不会编写用户管理和注册以及所有这些,因为您使用Google自己的身份验证服务。这些都包含在App Engine文档中。