webapp2_extras.appengine.auth.models provides a default User model to be used on App Engine, but it can be replaced by any custom model that implements the required interface. This means that webapp2_extras.auth can be used with any model you wish – even non-App Engine models which use, let’s say, SQLAlchemy or other abstraction layers.
The required interface that a custom user model must implement consists of only five methods:
class User(object): def get_id(self): """Returns this user's unique ID, which can be an integer or string.""" @classmethod def get_by_auth_token(cls, user_id, token): """Returns a user object based on a user ID and token. :param user_id: The user_id of the requesting user. :param token: The token string to be verified. :returns: A tuple ``(User, timestamp)``, with a user object and the token timestamp, or ``(None, None)`` if both were not found. """ @classmethod def get_by_auth_password(cls, auth_id, password): """Returns a user object, validating password. :param auth_id: Authentication id. :param password: Password to be checked. :returns: A user object, if found and password matches. :raises: ``auth.InvalidAuthIdError`` or ``auth.InvalidPasswordError``. """ @classmethod def create_auth_token(cls, user_id): """Creates a new authorization token for a given user ID. :param user_id: User unique ID. :returns: A string with the authorization token. """ @classmethod def delete_auth_token(cls, user_id, token): """Deletes a given authorization token. :param user_id: User unique ID. :param token: A string with the authorization token. """
Additionally, all values configured for user_attributes, if any, must be provided by the user object as attributes. These values are stored in the session, providing a nice way to cache commonly used user information.