1.2.3.1 Creating the Auth Environment

Below is a sample program which can be used to create an auth environment in an SQLite database named example-web-auth.db. You will be need to delete the example-web-auth.db file created if you have already run the script before.

#!/usr/bin/env python

import sys
sys.path.append('../../../') # show python where the web modules are

import web.database, web.auth

# Make cursor connection
connection = web.database.connect(
    type='sqlite',
    database='example-web-auth.db'
)
cursor = connection.cursor()

# Create authManager object and setup the environment
authManager = web.auth.setup(storage='database', cursor=cursor)
errors = authManager.createTables()
connection.commit()
if errors:
    print '\n'.join(errors)
else:
    authManager.addApplication('app')
    authManager.addUser('test', '123')
    authManager.addUser(
        'john',
        'bananas',
        'John',
        'Smith',
        'johnsmith@example.com'
    )
    authManager.setAccessLevel('john', 'app', 1)
    print "All done!"

connection.commit()

What we have created is an application named app and two users, test and john. test has a password '123' and john has a password 'bananas'. We have also specified that john has a firstname 'John', a surname 'Smith' and an email address 'johnsmith@example.com' but we haven't specified any extra information for test. The user john has access rights to the app but the user test does not.

Note: '123' and 'bananas' aren't particularly secure passwords so please use something more sensible yourself!

Note: example.com is not a real domain. It is reserved for use in exmaples such as this one so that no-one gets irritated by people trying to send email to johnsmith@example.com.