Working on a log in script to my webpage

Mon Mar 14 05:52:24 EST 2005

Pete..... wrote:
> Hi all.
>
> Unfortunaly it looks like I dont have to skill to make a secure log
in, cant
> figure out how the code has to look like, so guess my webpage has to
live
> with a security issue.
>
> Thanks for the effort you put into teaching me the use of cookies.
>

I've written a library called 'login_tools' that does login/user
management for CGI scripts. It doesn't use a database to store logins
though.

You can fins it at (with online example) :
http://www.voidspace.org.uk/python/logintools.html

If you want any help setting it up or working with it then feel free to
email me about it. It's possible to plug it in to existing CGI scripts
with literally two lines of code....

Regards,

Fuzzy
http://www.voidspace.org.uk/python/index.shtml

> Best wishes
> Pete....
>
> "Pete....." <helten0007 at yahoo.com> wrote in message
> news:422f0bb8$0$527$ba624c82 at nntp05.dk.telia.net...
> > Thanks.
> >
> > But I would really like to do this from scratch, so that I can
learn it, I
> > dont think I need that much more, before it works.
> >
> > I found an example with asp, where the save the session if the
password is
> > correct. It isnt that long a code, so was wondering if it isnt
possible to
> > make something like that in python. Cause when this code is applied
to the
> > loginform, CODE2 will only have to be applied to every following
page and
> > everything is good.
> >
> > code is from:
> >
http://tutorialized.com/tutorial/Creating-a-Members-Area-in-ASP/2234
> > CODE1
> > Set objRS = objConn.Execute (strSQL)
> >      '// see if there are any records returned
> >      If objRS.EOF Then
> >          'no username found
> >          strError = "- Invalid username or password<br>" &
vbNewLine
> >      Else
> >          'check password
> >          If objRS("password")=Request.Form("password") Then
> >               'username/password valid
> >               'save session data
> >               Session("loggedin") = True
> >               Session("userid") = objRS("id")
> >               'redirect to members area
> >               Response.Redirect ("default.asp")
> >               Response.End
> >          Else
> >               'invalid password
> >               strError = "- Invalid username or password<br>" &
vbNewLine
> >
> > CODE2<%
> > If Session("loggedin") <> True Then Response.Redirect "login.asp"
> > %>
> > <html>
> > <head>
> > <title>Members Area</title>
> > </head>
> > <body>
> > <h1>Members Area</h1>
> > <p>Welcome to our members area!</p></body>
> > </html> In my code I have allready tested if the username and
password is
> > correct, so I just need to do the cookie thing :D
> >
> > Thanks all, hope all my questions dosnt make you tired, I just
really
> > wanna figure this out, and I am doing this as a little hobby of
mine, so I
> > dont have anyone else to ask, hope that is okay...
> >
> >
> >
> > "Kent Johnson" <kent37 at tds.net> wrote in message
> > news:422ef991_1 at newspeer2.tds.net...
> >> Pete..... wrote:
> >>> Hi all I am working on a log in script for my webpage.
> >>>
> >>> I have the username and the password stored in a PostgreSQL
database.
> >>
> >> You might want to look at Snakelets and CherryPy.
> >>
> >> Snakelets is "a very simple-to-use Python web application server."
One of
> >> the features is "Easy user authentication and user login
handling."
> >> http://snakelets.sourceforge.net/
> >>
> >> CherryPy is "a pythonic, object-oriented web development
framework" that
> >> seems to be popular. A recipe for password-protected pages in
CherryPy is
> >> here:
> >> http://www.cherrypy.org/wiki/PasswordProtectedPages
> >>
> >> Kent
> >
> >