Persistent Session in CGI

[keegan.csmith]

Hi,

I have started a new small web project, and was wondering if there are
any good guides on how to do Persistent Sessions and Authentication
using python and CGI. I don't really want too use Zope, because It's
probably overkill for my tiny project.

 

[Paul Rubin]

I have started a new small web project, and was wondering if there are
any good guides on how to do Persistent Sessions and Authentication
using python and CGI. I don't really want too use Zope, because It's
probably overkill for my tiny project.

The simplest thing to do is put all the session info into a browser
cookie. That limits the amount of session info but maybe you can live
with that. You should encrypt and authenticate the cookie to prevent
the user from tampering with it.

 

[Fuzzyman]

Hi,

I have started a new small web project, and was wondering if there are
any good guides on how to do Persistent Sessions and Authentication
using python and CGI. I don't really want too use Zope, because It's
probably overkill for my tiny project.

You could try my 'logintools' CGI module (mini framework really, but
very mini).

It handles authentication for you, and provides a mechanism that you
could use to create persistent sessions.

http://www.voidspace.org.uk/python/logintools.html

(It uses cookies).

Fuzzyman
http://www.voidspace.org.uk/python/index.shtml

 

[Damjan]

I have started a new small web project, and was wondering if there are
any good guides on how to do Persistent Sessions and Authentication
using python and CGI. I don't really want too use Zope, because It's
probably overkill for my tiny project.

Since you only mention Zope...
Why not use TurboGears or Pylons or CleverHarold ... or anything WSGI based.
Or if you want to make something minimal you could try Paste with
(optionally) RhubarbTart.

But.. WSGI is the new CGI (the lowest common denominator) in Python web
development. So use it.
The benefits:
You can run your app as CGI, in mod_python, as a standalone http server,
with SCGI/FastCGI.
You'll benefit from authentication and session middleware. Middleware is a
great WSGI concept, there are also caching middlewares etc..

 

[Damjan]

But.. WSGI is the new CGI

Let me give you a minimal example using RhubarbTart (it depends on Paste)

from rhubarbtart import request, response, expose
from rhubarbtart import TartRootController

class Root(TartRootController):
@expose
def index(self, msg="Hello world!"):
response.headers['Content-type'] = 'text/plain'
return msg

app = Root()

#
# Now to serve it as a CGI script, just:
#
from wsgiref.handlers import CGIHandler
CGIHandler().run(app)

#
# or to server it in a long running python-based HTTP server
#
from paste import httpserver
httpserver.serve(app)

# END of example

Now this is just the begining to show you that it's not hard.
But when you see what EvalException can do for you, you'll beg for more

Hint:
from paste.evalexception.middleware import EvalException
app = EvalException(app)
# then serve the app in the paste httpserver ...
# but make some error in your python code to see it's results