authenticate on apache via mod_pyton (postgresql) ... glitch

[Remy C. Cool]

I'm experimenting with python/mod_python and run into a problem with 
autentication via apache. This is probably not the right place to 
ask, but the mod_pyton and apache mailinglists didn't help.  

I use the following code:

# authenticate user
import psycopg
import string
import time
from mod_python import apache


def authenhandler(req):

   pw = req.get_basic_auth_pw()
   user = req.connection.user

   # create database connection
   connectstring = "dbname=testbase user=tester password=test 
port=5432"
   dbconn = psycopg.connect(connectstring)
   dbhandle = dbconn.cursor()
   # define query
   dbhandle.execute("SELECT user_id,password FROM users WHERE         
     
username = %s", (user,))
   # retrieve results
   results = dbhandle.fetchall()
   total = len(results)

   if total < 1:
      # user not known on this system
      return apache.HTTP_UNAUTHORIZED
   else:
      if total > 2:
         # database corrupted
         return apache.HTTP_UNAUTHORIZED
      else:
         # extract user_id from list
         user_id = results[0][0]
         # get host info
         curhost = req.get_remote_host(apache.REMOTE_NAME)
         # register login try
         dbhandle.execute("""INSERT INTO login (user_id,host) VALUES 
( %d,%s )""", (user_id,curhost))
         dbconn.commit()
         # extract password from list
         passwd = string.strip(results[0][1])
         # compare password with given
         if pw == passwd:
            # user authenticated
            return apache.OK
         else:
            # incorrect password
            return apache.HTTP_UNAUTHORIZED

Authentication works. The username is looked up in the database and 
if the password is OK, access is granted. The problem is that for 
every login attempt (or page refresh) I get 4 entry's in my login 
table ond not one. What am I doing wrong here ?

Regards,
Remy Cool