I was hoping to authenticate my Google App Engine (GAE) website, making a "members only" page. I was hoping to match emails/member IDs in a Google SQL table to data input in the HTTP Authentication pop-up box, but I'm having difficulties. Below is the general outline of my PHP:
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="Please enter your email in the username box and member ID in the password box"');
header('HTTP/1.0 401 Unauthorized');
echo 'Login credentials required for this Premium Content page.';}
else {
//Verify that the user has the proper credentials
}
It seems like SERVER['PHP_AUTH_USER'] is never set, indicating that the PHP is run in CGI mode. How do I go about making this work on Google App Engine? There are other places that show directions on how to get HTTP Authentication working in CGI mode (see here http://www.besthostratings.com/articles/http-auth-php-cgi.html), but they all refer to the .htaccess file, which I don't think GAE uses (it uses a .yaml file instead). I could just make an authentication page, but was hoping I could authenticate through means that are less vulnerable.
