CODEWITHSUNDEEP
pythongoogle-app-engineauthenticationgoogle-cloud-datastorewebapp2
jbro
jbro

Reputation: 75

GAE User Authentication using python, webapp2, ndb

I am new to handling user authentication, including login-session control using Python. I am using Google App Engine using Python with Webapp2 installed. I need help; please bear with me as I may be bit ignorant on the topic.

Here is what I want to do:

Basically, kind of like "facebook." Users have their list of favorite fruits with corresponding scores and comments in NDB repeated structured list. Say users can become "friends" and the friend's ID is saved in NDB friends StringListProperty, but no need to "accept" friends request, so one-way friendship is possible (i.e. user2 has user1 as friend, but user1 does not have user2 as friend) You can only view your friends' list of fruits.

For example (logically written, not in any language):

user2.favFruits = {'fruit':'apple','score':5,'comment':'always delicious!}

user1.friends = user2id

display user1.friends[1].fruitList

Currently, the URL shows uid as such: www.example.com/ViewFriendsFruits?id=user2id If anyone types that into the URL in the world, you get to user2's list of fruits page. This is what I want to avoid. I only want user1 to be able to view user2's list page since they are friends. User2 should also have the same page view as this is user2's page.

How would I handle something like this and using what? Does user1 need to be logged in? And if so, how do I manage? I don't even know what to search for an answer.

Your input will be greatly appreciated!

Upvotes: 0

Views: 400

Answers (1)

Mariatta
Mariatta

Reputation: 708

You should look into managing sessions in webapp2. Basically what need to happen is, user1 has to login, and you'll store the login info (eg user id) in the session. Whenever the url www.example.com/ViewFriendsFruits?id=user2id is hit, you'll want to check if there is currently user logged in (by checking the session). If there is a user in the session, you'll want to check if the user has user2 in the list of friends.

This thread has good example on how to handle sessions in webapp2. GAE webapp2 session: the correct process of creating and checking sessions

Upvotes: 1

Related Questions