Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://cloud.google.com/appengine/docs/legacy/standard/python/users below:

Users API for legacy bundled services | App Engine standard environment for Python 2

Stay organized with collections Save and categorize content based on your preferences.

The Users API allows an application to:

• Detect whether the current user has signed in.
• Redirect the user to the appropriate sign-in page to sign in.
• Request that your application user create a new Google account if they don't have one already.

While a user is signed in to the application, the app can access the user's email address, as well as a unique user ID. The app can also detect whether the current user is an administrator (also called "admin user"), making it easy to implement admin-only areas of the app.

The following example greets a user who has signed in to the app with a personalized message and a link to sign out. If the user is not signed in, the app offers a link to the sign-in page for Google Accounts.

First, import the google.appengine.api.users module.

Then use it to get information about the user:

If you have pages that require the user to be signed in order to access, you can enforce this in your app.yaml file. If a user accesses a URL configured to require sign-in and the user is not signed in, App Engine redirects the user to the appropriate Google sign-in page, then directs the user back to your app's URL after signing in or registering successfully.

The handler configuration can also require that the user be a registered administrator for the application; that is, the user must have the Viewer, Editor, Owner, or App Engine Admin role. This makes it easy to build administrator-only sections of the site, without having to implement a separate authorization mechanism.

To learn how to configure authentication for URLs, see how to require login or administrator status in the app.yaml reference.

Your app can authenticate users using one of these options:

• A Google Account
• An account on your Google Workspace domain

After you create your app, you can choose the authentication option you want to use. By default, your app will use Google Accounts for authentication. To choose another option, such as Google Workspace domain, go to the settings page for your project in the Google Cloud console and click Edit. In the Google authentication dropdown menu, select the desired authentication type, and then click Save.

An application can detect whether a user has signed in to the app with your app's chosen authentication option. If the user is not signed in, the app can direct the user to Google Accounts to sign in or create a new Google account. The app gets the URL for the sign-in page by calling a method of the Users API. The app can display this URL as a link, or it can issue an HTTP redirect to the URL when the user visits a page that requires authentication.

If your app uses Google Accounts or Google Workspace for authentication, the name of your application appears on the sign-in page when the user signs in to your application. The name shown is the application name that you specified when registering the application. You can change this name in the Application name field of the Google Cloud console Credentials page.

Once the user has signed in or created a Google account, the user is redirected back to your application. The app provides the redirect URL to the method that generates the sign-in URL.

The Users API includes a method to generate a URL for signing out of the app. The sign-out URL de-authenticates the user from the app, then redirects back to the app's URL without displaying anything.

A user is not signed in to an application until they are prompted to do so by the app and enter their account's email address and password. This is true even if the user has signed in to other applications using their Google Account.

While a user is signed in to an app, the app can access the account's email address for every request the user makes to the app. The app can also access a user ID that identifies the user uniquely, even if the user changes the email address for their account.

The app can also determine whether the current user is an administrator for the app. An admin user is any user that has the Viewer, Editor, Owner, or App Engine Admin role. You can use this feature to build administrative features for the app, even if you don't authenticate other users. The Go, Java, PHP and Python APIs make it easy to configure URLs as "administrator only".

The Users service API can return the current user's information as a User object. Although User objects can be stored as a property value in the datastore, we strongly recommend that you avoid doing so because this includes the email address along with the user's unique ID. If a user changes their email address and you compare their old, stored User to the new User value, they won't match. Instead, consider using the User user ID value as the user's stable unique identifier.

The development server simulates the Google Accounts system using a fake sign-in screen. When your application calls the Users API to get the URL for the sign-in screen, the API returns a special development server URL that prompts for an email address, but no password. You can type any email address into this prompt, and the app will behave as if you are signed in with an account with that address.

The fake sign-in screen also includes a checkbox that indicates whether the fake account is an administrator; that is, whether the account has the Viewer, Editor, Owner, or App Engine Admin role. If you check this box, the app will behave as if you are signed in using an administrator account.

Similarly, the Users API returns a sign-out URL that cancels the fake sign-in.

The unique ID for a User object in the development server is calculated from the email address. Two unique email addresses always represent two unique users in the development server.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-07 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["The Users API allows applications to check if a user is signed in, redirect them to sign-in pages, and request the creation of new Google accounts if necessary."],["While a user is signed in, applications can access their email address and a unique user ID, as well as determine if they are an administrator with specific roles like Viewer, Editor, Owner, or App Engine Admin."],["Applications can enforce sign-in and administrator access requirements for specific URLs directly in the `app.yaml` file, redirecting users to sign-in pages if needed and back to the app upon successful authentication."],["Apps can authenticate users using either a Google Account or an account on a Google Workspace domain, with Google Accounts being the default and can be changed in the console."],["The Users API provides methods to generate both sign-in and sign-out URLs, handling redirection and authentication, and the development server uses a fake sign-in screen for testing purposes, simulating Google Account authentication without requiring actual passwords."]]],[]]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4