Reputation: 15207
python appengine authorisation or authorization
Having settled on OpenID for authentication, I've been looking at authorisation frameworks for app-engine with the following requirements:
- be able to create and edit groups of users
- has built in permissions such as add, edit, delete
- has sensible defaults, e.g creator of an object can edit / delete but others can't
knowing enough to know that security permissions are a bad idea to self implement without a massive brain, i've been reading through django http://docs.djangoproject.com/en/dev/topics/auth/ and tipfy http://www.tipfy.org/wiki/extensions/acl/ to choose one that has already been cooking in the oven for a while.
It's not obvious which will be easier / more extensible so I was hoping to be able to call on experience, recommendations or other suggestions to make a sensible decision?
Upvotes: 3
Views: 305
Answers (2)
Reputation: 26652
2 pretty good frameworks I tried that have authorisation are GAEFramework and web2py. They are both easier to get started with than tipfy. I hope you like these.
Upvotes: 1
Reputation: 336
Based on that there are a lot of problems with django ORM and Google app engine datastore, and http://www.tipfy.org/ says that it is made specifically for Google App Engine I must suggest typfy.
Upvotes: 2
Related Questions
- Authenticate a Django/Appengine project using Firebase
- User authentication best practices
- authorization on google appengine application
- How to grant access to google appengine page in Python?
- python Google App Engine : Webapp2 : Authentication
- AppEngine WebService authentication handling
- Django and Google Apps users authentication
- Appengine ACL with Google Authentication
- Google app engine users Auth: Djangoappengine Vs Web2py Vs Webpy
- Appengine authentication on Android