为Google应用引擎创建Google用户的替代登录信息
[英]Creating alternative login to Google Users for Google app engine
问题描述
How does one handle logging in and out/creating users, without using Google Users? 
如何在不使用Google用户的情况下处理登录和退出/创建用户? I'd like a few more options then just email and password. 我想要更多选项,然后只需要电子邮件和密码。 Is it just a case of making a user model with the fields I need? 这只是用我需要的字段制作用户模型的情况吗? Is that secure enough? 这够安全吗?
Alternatively, is there a way to get the user to log in using the Google ID, but without being redirected to the actual Google page? 或者,有没有办法让用户使用Google ID登录,但没有被重定向到实际的Google页面?
2 个解决方案
解决方案1
8 已采纳 2009-08-09 02:53:37
我建议使用OpenID,请参阅此处了解更多信息 - 就像Stack Overflow一样! - )
解决方案2
1 2009-08-09 13:25:27
If you roll your own user model, you're going to need to do your own session handling as well; 如果你推出自己的用户模型,你也需要自己进行会话处理; the App Engine Users API creates login sessions for you behind the scenes. App Engine用户API在幕后为您创建登录会话。
Also, while this should be obvious, you shouldn't store the user's password in plaintext; 此外,虽然这应该是显而易见的,但您不应将用户密码存储在明文中; store an SHA-1 hash and compare it to a hash of the user's submitted password when they login. 存储SHA-1哈希值,并在登录时将其与用户提交的密码的哈希值进行比较。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.