I don't know what engine you are using. Basically all you have to do is render the login form at the url of the page that needs the login. You're going to have to hook in the authentication code before you render the page normally. For instance, this is a common way I've been doing it in various engines I use:
(1) Check to see if the user is logging in by looking at the parameters. If they login successfully, record that in the session and continue as normal. (2) Normal operation being... check to see if they are logged in according to their session. (The code in (1) will set up their session to be logged in if they just logged in.) If they aren't and they need to be, show the login page. Otherwise, show the regular content. -- http://mail.python.org/mailman/listinfo/python-list