Restrictive routing best practices for Google App Engine with Python?
- by Aleksandr Makov
Say I have a simple structure:
    app = webapp2.WSGIApplication([
        (r'/', 'pages.login'),
        (r'/profile', 'pages.profile'),
        (r'/dashboard', 'pages.dash'),
    ], debug=True)
Basically, all pages require authentication except for the login. If a visitor tries to reach a restricted page and isn't authorized (or lacks privileges), then he gets redirected to the login view.
The question is about the routing design. Should I check the auth and ACL privs in each of the modules (pages.profile and pages.dash from the example above), or just pass all requests through a single routing mechanism:
    app = webapp2.WSGIApplication([
        (r'/', 'pages.login'),
        (r'/.+', 'router')
    ], debug=True)
I'm still quite new to GAE, but my app requires authentication as well as ACL. I'm aware that there's a login directive at the server config level, but I don't know how it works or how I can tie it in with my ACL logic, and what's worse, I cannot estimate the time needed to get it running. Besides, it looks to provide only 2 user groups: admin and user.
In any case, that's the configuration I use:
    handlers:
    - url: /favicon.ico
      static_files: static/favicon.ico
      upload: static/favicon.ico
    - url: /static/*
      static_dir: static
    - url: .*
      script: main.app
      secure: always
Or am I missing something here, and can ACL be set in the config file? Thanks.
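
The single-gate design described in the question, as an added example that is not part of the original post: a stdlib-only WSGI middleware that wraps the whole application and checks authentication and ACL before any handler runs, denying any path that has no rule. The ACL table, the `demo.roles` environ key and `lookup_roles` are hypothetical stand-ins for a real session and role lookup.

```python
import re

# Constructed ACL: path pattern -> roles allowed. Paths with no rule are denied.
ACL = [
    (re.compile(r'^/profile\Z'), {'user', 'admin'}),
    (re.compile(r'^/dashboard\Z'), {'admin'}),
]
PUBLIC = {'/'}  # only the login view is reachable without a session


def lookup_roles(environ):
    """Hypothetical session lookup: the caller's role set, or None when not
    logged in. A real app would validate a signed session cookie here."""
    return environ.get('demo.roles')  # constructed key, for this example only


class AclGate(object):
    """WSGI middleware: one auth + ACL check in front of every handler."""

    def __init__(self, app, acl=ACL, public=PUBLIC, login_url='/'):
        self.app, self.acl = app, acl
        self.public, self.login_url = public, login_url

    def is_allowed(self, path, roles):
        if path in self.public:
            return True
        if roles is None:          # not authenticated
            return False
        for pattern, allowed in self.acl:
            if pattern.match(path):
                return bool(roles & allowed)
        return False               # no rule matched: fail closed

    def __call__(self, environ, start_response):
        path = environ.get('PATH_INFO', '/')
        if self.is_allowed(path, lookup_roles(environ)):
            return self.app(environ, start_response)
        # As in the question: unauthenticated or unprivileged -> login view.
        start_response('302 Found', [('Location', self.login_url)])
        return [b'']


# Usage (assumes the route table from the question):
# app = AclGate(webapp2.WSGIApplication([...], debug=True))
```

Because the gate fails closed, a route added to the application later stays unreachable until an ACL rule is written for it.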