WSGI Authentication: Homegrown, Authkit, OpenID...?

Question

I want basic authentication for a very minimal site, all I personally need is a single superuser. While hard-coding a password and username in one of my source files is awfully tempting, especially since I'm hosting the site on my own server, I feel I'm breaking the law of the internets and I should just use a database (I'm using sqlite for blog posts and such). Which would be the easiest to setup, in terms of time and effort, out of OpenID or AuthKit (repoze just scares me.. it feels like too much overhead for what I'm trying to achieve), or should I roll my own?

Why I brought up OpenID is, it might just solve my spam problem (I'm currently using Akismet), to just require all commentors to login with an OpenID. I have absolutely no idea how to go about integrating OpenID with my WSGI application though (it's probably dead simple, I've never actually looked into it yet).

Answer 1

AuthKit includes a built-in OpenID module, if that helps.

The AuthKit cookbook includes a simple example here... http://wiki.pylonshq.com/display/authkitcookbook/OpenID+Passurl

That said, if you only need a single login (so there's no complex user management going on), why not use Apache's built-in authentication features (AuthUserFile .htpasswd together with Require valid-user)?

Answer 2

You can adapt this.

http://code.activestate.com/recipes/302378/

Or, better, adapt this.

http://devel.almad.net/trac/django-http-digest/

This is quite nice.

Answer 3

also look at repose.who

http://static.repoze.org/whodocs/

Answer 4

Opid is a very small and simple to use WSGI OpenID app: python-opid