These techniques can be a pain to implement with some application servers. With CherryPy, they require only THREE LINES OF CODE !
All you have to do is use the standard modules HttpAuthenticate and CookieAuthenticate. The following is an example that uses both modules.
use HttpAuthenticate, CookieAuthenticate CherryClass Root: mask: def index(self): <html><body> <a py-attr="request.base+'/httpProtected/index'" href="">Click here to enter a restricted area using HTTP authentication</a><br> <a py-attr="request.base+'/cookieProtected/index'" href="">Click here to enter a restricted area using cookie authentication</a><br> In both cases, the login and password are "login" and "password" </body></html> CherryClass HttpProtected(HttpAuthenticate): function: def getPasswordListForLogin(self, login): # Here we define what the login and password are if login=='login': return ['password'] return [] mask: def index(self): <html><body>You're in</body></html> CherryClass CookieProtected(CookieAuthenticate): function: def getPasswordListForLogin(self, login): # Here we define what the login and password are if login=='login': return ['password'] return [] mask: def index(self): <html><body> You're in<br> Click <a href="doLogout">here</a> to log out. </body></html>
As you can see, all you have to do is to create a CherryClass that inherits from HttpAuthenticate or CookieAuthenticate and implement a function called getPasswordListForLogin that returns a list of matching passwords for a given login. (this allows you to keep a master key that works for all users, for instance ...)
As you can see, using these two modules is really easy.
In the next chapter, we'll see how to use another CherryPy standard module: Form
See About this document... for information on suggesting changes.