How does one handle logging in and out/creating users, without using Google Users? I'd like a few more options then just email and password. Is it just a case of making a user model with the fields I need? Is that secure enough?
Alternatively, is there a way to get the user to log in using the Google ID, but without being redirected to the actual Google page?
I recommend using OpenID, see here for more -- just like Stack Overflow does!-)
If you roll your own user model, you're going to need to do your own session handling as well; the App Engine Users API creates login sessions for you behind the scenes.
Also, while this should be obvious, you shouldn't store the user's password in plaintext; store an SHA-1 hash and compare it to a hash of the user's submitted password when they login.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With