Ian Bicking: the old part of his blog

Re: Little Apps: Decouple First

until you want to run a report like

select u.id, count(*) from users u, forums f where u.id = f.user_id group by u.id

if your login app is separate from your forum app, you're kinda screwed at that point.

(But I guess if you're treating the database like a slightly brain-damaged object store, this isn't a problem since this sort of thing wouldn't occur to you. :)

Comment on Little Apps: Decouple First
by Jonathan Ellis


Separating the login doesn't necessarily mean you cease to keep track of users for your web application, it merely means that the login/logout is handled outside. Single-Sign-on systems generally work in such a way. The user signs on, does some sort of authentication, then you get a token for that user which you store as their identifier in your user database. You still store user data necessary for your web application, the other system handles logging them on/off.

If you made your own WSGI login app, I'd do a similar thing. Once they login, setup a unique token in the environment for the web application, then inside the web application it will still have its own user database, etc.

# Ben Bangert