I'm going to develop a small web application on Gae with a registration section, login\logout and stuff like that.
Since Google app Engine does not support session out of the box and I don't want to restrict access using google Accounts, I am forced to pick a Framework that offers this kind of facilities.
My choices are:
Reading its book, Web2py seems to offer session object and has a good access control, offering an Auth class that implements Role-Based Access Control.
I don't know Djangoappengine yet but I suppose it offers Django Auth.
Webpy works on appengine but has not any official way to handle session on GAE.
If you have used these frameworks, do you mind to share you experience building a private site section on Google app engine?
web2py authentication works out of the box on Google App Engine. The only difference when running on GAE vs other platform is that on GAE sessions are saved in the datastore and not the filesystem.
The scaffolding application already has auth setup to work on gae.
Caveat: GAE needs to know which indexes to build. Unless you know how to edit web2py/index.yaml manually, you must run the app locally with dev_appserver and run all the auth options (register, login, logout, reset password, change password, edit profile, etc.) then deploy. By running the app locally once, queries are executed and dev_appserver can figure out which indexes it needs upon deployment.
web2py also has gluon/contrib/login_methods that are plugin modules for auth (ldap, pam, gmail, linkedin, ...). Some of them also work on GAE, some do not (for example there is no ldap and no pam on GAE).
App Engine now supports OpenID Authentication. Why not use that?
来源:https://stackoverflow.com/questions/3245497/google-app-engine-users-auth-djangoappengine-vs-web2py-vs-webpy