I'm looking for a good authentication/authorization framework for Bottle. I would love something that is fast and easy to use.
I've seen recommendations for repoze.what and repoze.who, but their documentation looks scary (I'm not sure what to even make of the repoze.who documentation).
There seems to be a new framework in play called Cork. It looks super easy to use. Has anyone here actually used it in a project? Also, what do you guys think of the saving of user credentials in a file (as opposed to a db table)?
Related
I will do project with my class, so they are a bit new with python. In our web application we will need registration/authentication. I used flask-login for this stuff, but I didn't enjoy this. I think it is difficult to understand and this is not obvious. I want to display that python is very simple to the class. I want to avoid duplications with log in stuff, what can you suggest to use instead?
From what i know, there are no popular alternatives to Flask-Login, except writing your own one. If you plan to do this, flask.session is highly relevant, as is a part of the tutorial.
There's also Flask-Security, but that builds on top Flask-Login. I used neither of them.
I am just starting to use a web framework. I have decided I really like python and started looking at web frameworks. I don't really like django for a few reasons, but from what I have tried so far I found I really like pylons.
The problem I have is that I can't find that many articles/tutorials about pylons, especially 1.0 articles. Does anybody know any good getting started tutorials and articles about pylons?
Also, I am gonna need to implement users in my applications with a secure log in and have the users "own" a model. Any good advice/articles/tutorials about how I would do this?
When I was looking at some tutorial they mention virtual python environments. I don't really know what that is, why you would use them and how do you use them. Any help?
Finally, I can't find any good tutorials/articles about how to deploy pylons to a production environment. I own a VPS and am gonna deploy there. Any help with that?
Is there anything else I should know about pylons or python. I know the basics of python already.
The book suggested by meder (http://pylonsbook.com/en/1.1/) is a very good start. I upvoted his anwser because that's where I learned Pylons.
However, the book is written for Pylons 0.9.7 (the latest version before 0.10 and 1.0).
Pylons is the agglomeration of several high quality libraries. Learning Pylons is all about learning those libraries. Most of the book is about exploring those libraries. When you learn to develop web app in Pylons, what you really learn is to develop app in Python.
Right now, I think the book and the official website (http://pylonshq.com/docs/en/1.0/) are the two most valuable resources to learn Pylons.
Most of the changes that happenned between 0.9.7 and 1.0 are in the app start-up (which you probably won't really try to modify at the begining). Other than that, the libraries have been updated (sqlalchemy is now 0.6, etc.). Also, one change that may affect you: the url_to and redirect_to functions have been replaced by url and redirect. That's about it.
There is an entire book published free which covers Pylons 1.0:
http://pylonsbook.com/en/1.1/
You will definitely need to learn SQLAlchemy to master Pylons.
Official docs are pretty good start at it, http://www.sqlalchemy.org/docs/, and you may want to try Elixir extension, which provides a bit better declarative syntax.
You also should read docs on Routes module, http://routes.groovie.org/contents.html, especially on submappers and RESTful services, http://routes.groovie.org/restful.html
And you need to learn w/e templating system you choose. Mako, for example, have some non-obvious caveats, like much better performance of <%namespace/> vs <%include/>.
For authentication the homegrown decorator based approach works well also: http://wiki.pylonshq.com/display/pylonscookbook/Another+approach+for+authorization+in+pylons+%28decorator+based%2C+repoze.what+like%29
I have to develop a site which has to accomodate around 2000 users a day and speed is a criterion for it. Moreover, the site is a user oriented one where the user will be able to log in and check his profile, register for specific events he/she wants to participate in. The site is to be hosted on a VPS server.Although I have pretty good experience with python and PHP but I have no idea how to use either of the framework. We have plenty of time to experiment and learn one of the above frameworks.Could you please specify which one would be preferred for such a scenario considering speed, features, and security of the site.
Thanks,
niting
This is a very subjective question but personally I'd recommend Django. Python is a very nice language to use and the Django framework is small, easy to use, well documented and also has a pretty active community.
This choice was made partly because of my dislike for PHP though, so take the recommendation with a pinch of salt.
Most of the frameworks out there nowadays are fast enough to serve whatever needs you will have. It really depends on in which environment you feel most comfortable. Though there are nuances here and there, MVC frameworks share a lot of the same principles, so whichever you choose to use is really a matter of which you most enjoy using.
So, if you like Python more, there's your answer. Use a Python framework, and Django is the best. If you like PHP more (which I personally don't), you've got some more decisions to make. But any of the PHP frameworks are fine. They really are. Just pick one that looks nice with comprehensive documentation and get to work.
I've worked with CakePHP and Django and I really recommend Django. I don't know too much about CodeIgniter, but I remember ruling it out when I was evaluating frameworks myself about a year ago. CakePHP seemed much more developed at the time.
First of all, the Django community is much bigger and has spent a lot of time focusing on reusable apps. This means that you get a lot of functionality for free. Pair this with the django admin, and you have a lot of things already done for you. I haven't kept up with the PHP frameworks much, but I'm pretty sure Django is also more developed.
This is more of a personal thing, but I just like Python over PHP. Compare the way models are done in CakePHP and Django: http://book.cakephp.org/view/67/Understanding-Models, http://docs.djangoproject.com/en/dev/topics/db/models/#topics-db-models. The python is clearly more readable.
Keep in mind that Django gives you an awesome ORM and builds your schema for you, i.e. you never have to touch the database if you don't want to. With the PHP frameworks, you have to do your own db design, which just slows me down at this point. You can always go in and add indexes for speed later.
This is probably the most biased, but if you are starting a new application - seriously - just stick with Django or Ruby on Rails. There is a reason everyone talks about them and they have the biggest communities and best developers behind them.
You can also check out Pinax for a lot of Django goodies.
Codeigniter it's fast and very documented also has a large community to and finaly friendly with the programmer.
CodeIgniter is a great PHP framework that is fast and has excellent documentation. Start reading through their user guide and it will give you a good idea how to work with the framework.
Extending Matchu:
Or, -If you like PHP more- its time to learn/growup about other things like Python. Its not hard to learn, and when you get started it gets very enjoyable.
Many people has done the PHPtoPython/Django port, like Mozilla, Netgeo, Nasa, TheOnion, etc.
If for the PHP part I would choose CodeIgniter - it doesn't get too much into your way. But it doesn't have any code/view/model generators out of the box, you need to type a bit.
But languages other than PHP appear to be more sexy.
I am using CodeIgniter 1.7.2 and for complex websites it's very good and powerfull, but it definitely is missing some kind of code generator which will allow for example to build an IT application in one click.
I had the impression (from watching a tutorial) that Django has it.
I have some really nice Python code to do what I need to do. I don't particularly like any of the Python GUI choices though. wxPython is nice, but for what I need, the speed on resizing, refreshing and dynamically adding controls just isn't there. I would like to create the GUI in VB.NET. I imagine I could use IronPython to link the two, but that creates a dependency on a rather large third-party product. I was perusing the MSDN documentation on Windows IPC and got the idea to use sockets. I copied the Python echo server code from the Python documentation and in under 5 minutes was able to create a client in VB.NET without even reading the System.Net.Sockets documentation, so this certainly doesn't seem too hard.
The question I have is... is this a terrible idea? If so, what should I be doing instead?
If this is a good idea, how do I go about it?
It's not a terrible idea. In fact, if you write the Python code to have a RESTful interface, and then access that from VB.NET, it is a downright good idea. Later on you could reuse that Python server from any other application written in Python or VB.NET or something else. Because REST is standard and easy to test, people can even do GETs from a browser and maybe that will be useful in itself.
Here is a Yahoo page that gives you code examples to do REST GET, POST and so on, in VB.NET.
If you think REST has too much overhead and need something more lightweight, please don't try to invent your own protocol. Consider something like Google's Protocol Buffers which can also be used from VB.NET.
I think this is an excellent idea. I'll second Michael Dillon's recommendation for a REST API, and I'll further recommend that you use Django to implement your REST server.
I wrote a REST web service using Django, and Django made it really easy and fun. Django made it really simple to set up the URLs the way I wanted them, to run whatever code a URL called for, and to interact with the database as needed. My web service was rock solid reliable, and I was able to test it for debugging simply using a web browser.
If you already have your code working in Python and just want to slap on a glue interface, and if REST doesn't seem like what you want, you could look at the Twisted networking framework. Here is a nice article on how to do networking in Python with both the standard Python modules and with Twisted.
I want basic authentication for a very minimal site, all I personally need is a single superuser. While hard-coding a password and username in one of my source files is awfully tempting, especially since I'm hosting the site on my own server, I feel I'm breaking the law of the internets and I should just use a database (I'm using sqlite for blog posts and such). Which would be the easiest to setup, in terms of time and effort, out of OpenID or AuthKit (repoze just scares me.. it feels like too much overhead for what I'm trying to achieve), or should I roll my own?
Why I brought up OpenID is, it might just solve my spam problem (I'm currently using Akismet), to just require all commentors to login with an OpenID. I have absolutely no idea how to go about integrating OpenID with my WSGI application though (it's probably dead simple, I've never actually looked into it yet).
also look at repose.who
http://static.repoze.org/whodocs/
AuthKit includes a built-in OpenID module, if that helps.
The AuthKit cookbook includes a simple example here... http://wiki.pylonshq.com/display/authkitcookbook/OpenID+Passurl
That said, if you only need a single login (so there's no complex user management going on), why not use Apache's built-in authentication features (AuthUserFile .htpasswd together with Require valid-user)?
Opid is a very small and simple to use WSGI OpenID app: python-opid
You can adapt this.
http://code.activestate.com/recipes/302378/
Or, better, adapt this.
http://devel.almad.net/trac/django-http-digest/
This is quite nice.