0

We're writing a Desktop application that relies on Google Appengine to authenticate the user and retrieve and store data associated to it. The way we'd like to authenticate the user is that on launching the application the browser is launched at the login url for our application. Then the user logins there, and then the application makes restful calls without any OAUTH object, but re-using the browser session. I'm questioned that this won't work, since we cannot so transparently use the browser session. Is that correct? Any alternatives beside authenticating from within the app using the ClientLoginApi?

I'm aware of: How do you access an authenticated Google App Engine service from a (non-web) python client?

Community
  • 1
  • 1
simpatico
  • 10,709
  • 20
  • 81
  • 126

1 Answers1

0

The only way to do this is if you can capture the authentication cookie used by the browser, and send it yourself. Obviously, there's no browser- or platform- independent way to do this.

A better option would be to use OAuth, with OAuth for installed apps to obtain the original token.

Nick Johnson
  • 100,655
  • 16
  • 128
  • 198