Pete..... wrote: > Hi all. > > Unfortunaly it looks like I dont have to skill to make a secure log in, cant > figure out how the code has to look like, so guess my webpage has to live > with a security issue. > > Thanks for the effort you put into teaching me the use of cookies. >
I've written a library called 'login_tools' that does login/user management for CGI scripts. It doesn't use a database to store logins though. You can fins it at (with online example) : http://www.voidspace.org.uk/python/logintools.html If you want any help setting it up or working with it then feel free to email me about it. It's possible to plug it in to existing CGI scripts with literally two lines of code.... Regards, Fuzzy http://www.voidspace.org.uk/python/index.shtml > Best wishes > Pete.... > > "Pete....." <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > Thanks. > > > > But I would really like to do this from scratch, so that I can learn it, I > > dont think I need that much more, before it works. > > > > I found an example with asp, where the save the session if the password is > > correct. It isnt that long a code, so was wondering if it isnt possible to > > make something like that in python. Cause when this code is applied to the > > loginform, CODE2 will only have to be applied to every following page and > > everything is good. > > > > code is from: > > http://tutorialized.com/tutorial/Creating-a-Members-Area-in-ASP/2234 > > CODE1 > > Set objRS = objConn.Execute (strSQL) > > '// see if there are any records returned > > If objRS.EOF Then > > 'no username found > > strError = "- Invalid username or password<br>" & vbNewLine > > Else > > 'check password > > If objRS("password")=Request.Form("password") Then > > 'username/password valid > > 'save session data > > Session("loggedin") = True > > Session("userid") = objRS("id") > > 'redirect to members area > > Response.Redirect ("default.asp") > > Response.End > > Else > > 'invalid password > > strError = "- Invalid username or password<br>" & vbNewLine > > > > CODE2<% > > If Session("loggedin") <> True Then Response.Redirect "login.asp" > > %> > > <html> > > <head> > > <title>Members Area</title> > > </head> > > <body> > > <h1>Members Area</h1> > > <p>Welcome to our members area!</p></body> > > </html> In my code I have allready tested if the username and password is > > correct, so I just need to do the cookie thing :D > > > > Thanks all, hope all my questions dosnt make you tired, I just really > > wanna figure this out, and I am doing this as a little hobby of mine, so I > > dont have anyone else to ask, hope that is okay... > > > > > > > > "Kent Johnson" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > >> Pete..... wrote: > >>> Hi all I am working on a log in script for my webpage. > >>> > >>> I have the username and the password stored in a PostgreSQL database. > >> > >> You might want to look at Snakelets and CherryPy. > >> > >> Snakelets is "a very simple-to-use Python web application server." One of > >> the features is "Easy user authentication and user login handling." > >> http://snakelets.sourceforge.net/ > >> > >> CherryPy is "a pythonic, object-oriented web development framework" that > >> seems to be popular. A recipe for password-protected pages in CherryPy is > >> here: > >> http://www.cherrypy.org/wiki/PasswordProtectedPages > >> > >> Kent > > > > -- http://mail.python.org/mailman/listinfo/python-list
