The Users API provides functions for constructing URLs that allow the user to sign in or sign out, then be redirected back to your application.
users.create_login_url()
and
users.create_logout_url()
each take a destination URL for the application, and return a URL for signing in or signing out that redirects back to the given URL afterward.
users.create_login_url()
also takes an optional OpenID identifier argument,
federated_identity
, which you can use if your app is set to support OpenID. By default, the
federated_identity
argument uses Google's OpenID provider service. (Note that the support for OpenID is experimental.)
import webapp2
from google.appengine.api import users
class MyHandler(webapp2.RequestHandler):
def get(self):
user = users.get_current_user()
if user:
greeting = ('Welcome, %s! (<a href="%s">sign out</a>)' %
(user.nickname(), users.create_logout_url('/')))
else:
greeting = ('<a href="%s">Sign in or register</a>.' %
users.create_login_url('/'))
self.response.out.write("<html><body>%s</body></html>" % greeting)
application = webapp2.WSGIApplication([('/', MyHandler),], debug=True)
The development web server simulates Google Accounts using its own sign-in and sign-out facilities. When you sign in to your application on the development web server, the server prompts you for an email address to use for the session. See The Development Web Server for more information.
Tip:
An easy way to restrict access to a part of your application to signed in users is to use the
login: required
configuration element for the URL handler. See
Configuring an App
.