Ian Bicking: the old part of his blog

Little apps decouple first comment 000

Separating the login doesn't necessarily mean you cease to keep track of users for your web application, it merely means that the login/logout is handled outside. Single-Sign-on systems generally work in such a way. The user signs on, does some sort of authentication, then you get a token for that user which you store as their identifier in your user database. You still store user data necessary for your web application, the other system handles logging them on/off.

If you made your own WSGI login app, I'd do a similar thing. Once they login, setup a unique token in the environment for the web application, then inside the web application it will still have its own user database, etc.

Comment on Re: Little Apps: Decouple First
by Ben Bangert