Hello,

For web development, I am of course a great fan of Python and Quixote.
(It is actually all I use.) However, I also have "Gallery" running on my
site. (Gallery's home is at http://gallery.menalto.com/, iirc.) It is
written in PHP. Now what I would like to accomplish, is to somehow
combine the authentication of Gallery and my site: I want a user to only
have to log in once, and then be authenticated for both the Gallery/PHP
parts, and the Python parts of the site.

Any idea how I can accomplish this? Ideally I would like to do all of
the work in Python, i.e. hooking into Gallery's authentication somehow.
I realise however that it is quite likely I will have to alter both my
code as well as Gallery's, so that the two authentication systems meet
somewhere in the middle...

Ideas I've been wondering about include having both store login
information in my postgres DB, and using that to determine if a user has
logged in already. The other thing I hope might work, is to have my
Quixote's login code fill the Gallery login form on the user's behalf,
then somehow pass the cookie on to the user. (MITM...) This solution
will of course not help if a user logs in in Gallery directly: my
Quixote app will then be unaware of the login. This may be acceptable as
a temporary compromise, until I have time to do something more thorough.
Well, the modifications to Gallery might be relatively straight forward
then anyway: just make the Gallery login link take the user to the
Quixote login page instead of the original Gallery one...

Any ideas, comments, suggestions?

Thanks,
Hugo van der Merwe

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAsakRSmzXbWBxVpgRAguwAJsENMBWmgwM2cKE7BS6HoBoD/3vyACgsl4h
5gz+Uc3XAiUNp/EtMxL6Iv0=
=uXC8
-----END PGP SIGNATURE-----