This software provides OpenID authentication middleware specifically designed for WSGI applications.
In the first scenario, the user is forced to log in involuntarily. The process starts when the user tries to access a part of the website that requires authorization, and a HTTP Exception with code 401 (not authenticated) is thrown. The middleware remembers the user's attempt to access the website (stored in the session as referer) and redirects the user to the default login URL ("/login"), where the login form is displayed. The form should have one field named "openid".
Once the user enters the openid and clicks submit, the form data is sent to the default verify URL ("/verify") which then triggers the OpenID magic. The processurl is subsequently executed, and postprocess called if it is defined. The postprocess is given three arguments: environ, OpenID login URL (or canonical URL), and openid data (currently only SREG). The postprocess can return a new username, such as a real username from the database.
In the final step, the user is redirected to the referer indicating that the login was successful. The authopenid_middleware is a reliable and straightforward tool for implementing OpenID Authentication Middleware.
Version 0.2.2: N/A