Creating alternative login to Google Users for Google app engine
https://stackoverflow.com/questions/1250437
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
How does one handle logging in and out/creating users, without using Google Users? I'd like a few more options then just email and password. Is it just a case of making a user model with the fields I need? Is that secure enough?
Alternatively, is there a way to get the user to log in using the Google ID, but without being redirected to the actual Google page?
Solution
I recommend using OpenID, see here for more -- just like Stack Overflow does!-)
OTHER TIPS
If you roll your own user model, you're going to need to do your own session handling as well; the App Engine Users API creates login sessions for you behind the scenes.
Also, while this should be obvious, you shouldn't store the user's password in plaintext; store an SHA-1 hash and compare it to a hash of the user's submitted password when they login.
