Best way to handle cgi sessions
Derek Perriero
derek.perriero at gmail.com
Fri Oct 14 15:22:18 EDT 2005
What would be the best way to create a cgi session that contains the basic
elements of a cookie and can also hold secure data, such as a
username/password. I've explored the possibilities of using SmartCookie, but
that doesn't encrypt my parameters.
Here's some background info on what I'm trying to do:
form = cgi.FieldStorage()
try:
username = form["username"].value
password = form["password"].value
except KeyError:
print "Please Enter Username/Password"
## authenticate against LDAP server
if not authen.ldap(username,password):
cookie = 0 #Cookie dies and page goes back to re-login
display = functions.display_html_admin("main_temp.html")
functions.print_html_header(cookie)
print display
exit
else:
cookie = authen.genCookie(username)
display = functions.display_html_admin("main_temp.html")
functions.print_html_header(cookie)
print display
exit
...
## From authen.py
def genCookie(username):
cookie = SmartCookie()
cookie["CGISESSID"] = generate_hash()
cookie["CGISESSID"]["path"] = "/tmp"
cookie["logintype"] = "admin"
cookie["username"] = username
cookie["loggedin"] = "verified"
return(cookie)
#end:
--
Perriero, Derek
derek.perriero at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20051014/07b983b9/attachment.html>
More information about the Python-list
mailing list