According to Blogger, this is going to be post #100. I have no idea if that counts the various dead drafts in my queue or not.
Anyway, if you've been following my Twitter stream, you'll know that I've been playing with Pylons, and by extension, WSGI. One of the things that I'm interested in is OpenID-only authentication, mostly because I hate having to create new account names/passwords everywhere, and I'm too lazy/paranoid to use one of those password management extensions. After several attempts, here is a short Python script which runs a sample web app that requires OpenID authentication for the /private path (via the AuthKit middleware). The OpenID URL that was used to sign in is stored in the
environ['REMOTE_USER'] variable. It was tested with AuthKit 0.4.2, Beaker 1.0.3, and Paste 1.7.2.
#!/usr/bin/env python # # Copyright (C) 2008 Mark Lee # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # For a copy of the GNU General Public License, see # <http://www.gnu.org/licenses/>. import os from beaker.middleware import SessionMiddleware from paste.auth.auth_tkt import AuthTKTMiddleware from authkit.authenticate import middleware, sample_app from paste.httpserver import serve app = middleware(sample_app, enable=True, setup_method='openid', openid_store_type='file', openid_store_config=os.getcwd(), openid_path_signedin='/private') app = AuthTKTMiddleware(SessionMiddleware(app), 'some auth ticket secret'); serve(app) # opens a socket at localhost:8080