1.2.1 Background Information

The web.auth module performs three main tasks and can be thought of as three separate parts in the same module. These tasks are:

Check whether a user is signed in and has permission to use an application.
Provide tools to enable new users and applications to be setup and modified.
Provide a mechanism where login attempts can be handled through a web based interface.

In order to fulfil these tasks four different types of object are provided by the web.auth module. These are:

Driver: These provide the interface to the storage medium for the AuthSession and AuthManager objects. For example the DatabaseAuthDriver object is used to allow auth information to be stored in SQL databases.
AuthSession: These objects use the web.session session module to store and manage information about who is currently signed in.
AuthManager: These are the objects are used to manage the application and user information. For example to add applications and users, test if applications or users exist and change passwords.
Handlers: These objects are found in the web.auth.handlers sub package and are designed to help to automate tasks such as providing a sign in form, checking details and signing in users to reduce the code needed to be written for each application.

If you simply want to password protect a CGI script there is also a web.auth.start() function to handle everything for you, but most of the time you will want control over the process yourself.

If you simply want to get started using the module quickly there is an example later on in the documentation demonstrating some important features and a full API reference.