Best way to handle cgi sessions

Derek Perriero Fri, 14 Oct 2005 12:23:07 -0700

What would be the best way to create a cgi session that contains the basic elements of a cookie and can also hold secure data, such as a username/password.  I've explored the possibilities of using SmartCookie, but that doesn't encrypt my parameters.
Here's some background info on what I'm trying to do:

form = cgi.FieldStorage()

try:
     username = form["username"].value
     password  = form["password"].value
except KeyError:
     print "Please Enter Username/Password"

## authenticate against LDAP server
if not authen.ldap(username,password):
     cookie = 0               #Cookie dies and page goes back to re-login
     display = functions.display_html_admin("main_temp.html")
     functions.print_html_header(cookie)
     print display
     exit

else:
     cookie = authen.genCookie(username)
     display = functions.display_html_admin("main_temp.html")
     functions.print_html_header(cookie)
     print display
     exit

...
## From authen.py

def genCookie(username):
    cookie = SmartCookie()

    cookie["CGISESSID"] = generate_hash()
    cookie["CGISESSID"]["path"] = "/tmp"
    cookie["logintype"] = "admin"
    cookie["username"] = username
    cookie["loggedin"] = "verified"

    return(cookie)

#end:


--
Perriero, Derek
[EMAIL PROTECTED]

-- 
http://mail.python.org/mailman/listinfo/python-list

Best way to handle cgi sessions

Reply via email to