hello all, I am learning CherryPy, and would like to have a simple cherrypy authentication against a MySQL database user table that stores a username and an MD5 hashed password string.

Is there a dead easy tutorial out there other than the example posted on the CherryPy wiki (http://tools.cherrypy.org/wiki/AuthenticationAndAccessRestrictions)?

I am coming from a PHP background, I do not know if that matters, but I am used to authentication schemes handled by server side PHP session objects. So, anything that can compare to that would be welcome, because it would help me relate. I decided to use CherryPy because it seems to be the framework that fit the bill. I have a couple of very simple python apps in the works and just need something to provide the HTTP handling. Alternatively, my other choice would be Web.py, but since CherryPy support is better with WebFaction, I thought I would go that route. In addition, if I understand my reading sufficiently, CherryPy will provide the robust framework I need.

Thanks in advance.

asked 18 Feb '12, 13:03

neorou73's gravatar image

accept rate: 0%

There are some fairly simple examples of CherryPy authentication at: CherryPy Digest and Basic Authentication Tutorial

Here is the basic authentication example from that page, modified to work with MySQL as the source of user info:

import cherrypy
import MySQLdb
from md5 import md5

class RootServer:
    def index(self):
        return """This is a public page!"""

class SecureServer:
    def index(self):
    return "This is a secure section"

def get_users():
    db = MySQLdb.connect(host='localhost', 
    curs = db.cursor()
    curs.execute('select username,password from users')
    return dict(curs.fetchall())

def encrypt_pw(pw):
    return md5(pw).hexdigest()

if __name__ == '__main__':
    users = get_users()

    conf = {'/secure': {'tools.basic_auth.on': True,
                        'tools.basic_auth.realm': 'Some site2',
                        'tools.basic_auth.users': users,
                        'tools.basic_auth.encrypt': encrypt_pw}}
    root = RootServer()
    root.secure = SecureServer()
    cherrypy.quickstart(root, '/', config=conf)

I don't claim that the above code represents any sort of best-practice approach to doing this - just posting it as a simple example.

Hope that helps!

permanent link

answered 23 Feb '12, 16:04

seanf's gravatar image

seanf ♦♦
accept rate: 38%

edited 23 Feb '12, 16:06


seanf - you are the man!!!! this is exactly what i am looking for. best practice becomes best practice if everybody is doing it :) thank you so much - you made my week.

(24 Feb '12, 10:18) neorou73 neorou73's gravatar image

If you do not want to write all of the database/user boilerplate you might want to use a framework like Django. By definition CherryPy is a minimalist framework and so you will have to write a lot of the boilerplate yourself.

permanent link

answered 18 Feb '12, 17:19

johns's gravatar image

johns ♦♦
accept rate: 23%

Thank you for your answer, johns. I had considered using Django a long time ago. My problem is this: I write python applications without really thinking about the web side of it first. So, what I need, is to keep the HTTP and HTTP related functionality (like authentication) separate. Django is nice and (pretty complete, it seems), but they force you to use their standards. Last I checked, I could not use SQLAlchemy, for example, because DJango has its own ORM. Maybe this has changed. Either way, although it provides a lot of ready made solutions for you, it is not for me.

(23 Feb '12, 15:35) neorou73 neorou73's gravatar image

Unless you need some of the special things you can implement with CherryPy and you can't do with an out-of-the-box apache wsgi install, I wouldn't go through all the hassle. I can just second Johns suggestion to use django with mod-wsgi. However, if you still want to use CherryPy instead of apache you can use it together with django (or any other wsgi compliant python framework like turbogears 2x, pylons, etc.): http://docs.cherrypy.org/dev/refman/wsgiserver/init.html. If you want to use CherryPy the hard way, at least have a look at http://werkzeug.pocoo.org/

permanent link

answered 19 Feb '12, 14:33

markusbarth's gravatar image

accept rate: 0%

edited 19 Feb '12, 14:37

Thank you for your answer, markus. I answered johns' post about Django. It is not for me, sad to say. It is starting to look like I might just use mod_wsgi or web.py directly for my means. Werkzeug may also be a possibility.

(23 Feb '12, 15:39) neorou73 neorou73's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 18 Feb '12, 13:03

question was seen: 6,971 times

last updated: 24 Feb '12, 10:18

Features & prices    Sign up    Contact us    Affiliate program    Support    Legal    Jobs    Blog    Control panel login
© Copyright 2003-2015 Swarma Limited - WebFaction is a service of Swarma Limited