2

I want to develop a business app on GAE. The business proprietor somehow does not like or misunderstands the OpenID idea, insists on implementing local user management: registration using login and password stored in the app's data store.

I would like to implement what he wants by using "local" OpenID provider. It seems to be the most straightforward approach. Is there a way to "drop in" existing OpenID provider library (+the login dialog +maybe registration workflow) and use it in the same app? Would Janrain, for instance, require lot of tinkering to do that?

In case this was not the way, can I create User instance on my own and use user name+password from local store? How to handle session management then?

Sorry, I am not very experienced in this matter and it really annoys me to get distracted by user management from the main business topic :(

Lipis
  • 21,388
  • 20
  • 94
  • 121
Jindrich Vavruska
  • 627
  • 8
  • 20
  • As I think more and more about it, is it possible that all I need is to write a plain-and-simple login/password input and, when authenticated successfully, create "unbound" User instance and set its email address and a "fake" OpenID as federated_identity, and then continue using it? I.e. something like "user = get_current_user(); if user is None: user = google.appengine.api.users.User( email = ..., federated_identity = ...)" – Jindrich Vavruska Jun 22 '12 at 17:19
  • I don't have so much idea about this. when I was exploring this same feature then got one solution to create own local openid provider in java using JOIDS (Java Open Id Server) refer link: http://code.google.com/p/openid-server/. so try to explore code for this might be you got proper solution. – bNd Jun 22 '12 at 17:31

1 Answers1

3

I think implementing a "virtual" OpenID provider isn't the best solution to your problem. You simply will have to store your own cookies/sessions on who is the current logged in user. To do that manually on Google App Engine is not that easy, but luckily enough there are plenty of frameworks that taking care of that (gae-sessions is one of them).

I would suggest you to take a look on the Flask-Login, which can be integrated with your Google App Engine. Flask-Login offers you a login manager that taking care of all the background work with secure sessions, and it's up to you to decided who is the logged in user. It doesn't matter if she logged in using a custom login (username/password) or an OpenID login, because in both cases you will have one User model that will store the extra info for a particular user. Then simply you will have to set that user_db entity as the logged in user.

You can check gae-init (disclaimer: I'm the creator) as an example on how to use the Flask-Login, among other things, with Google, Facebook & Twitter logins. Note that Facebook and Twitter are not part of the federated login that Google is offering.

Lipis
  • 21,388
  • 20
  • 94
  • 121