Google Cloud Platform

Login URLs

Warning: The OpenID feature mentioned on this page has been deprecated and is going to be removed. See the OpenID 2.0 Turndown document for details and timetable.

The Users API provides functions for constructing URLs that allow the user to sign in or sign out, then be redirected back to your application.

users.create_login_url() and users.create_logout_url() each take a destination URL for the application, and return a URL for signing in or signing out that redirects back to the given URL afterward.

users.create_login_url() also takes an optional OpenID identifier argument, federated_identity, which you can use if your app is set to support OpenID. By default, the federated_identity argument uses Google's OpenID provider service. (Note that the support for OpenID is experimental.)

import webapp2
from google.appengine.api import users

class MyHandler(webapp2.RequestHandler):
    def get(self):
        user = users.get_current_user()
        if user:
            greeting = ('Welcome, %s! (<a href="%s">sign out</a>)' %
                        (user.nickname(), users.create_logout_url('/')))
            greeting = ('<a href="%s">Sign in or register</a>.' %

        self.response.out.write("<html><body>%s</body></html>" % greeting)

application = webapp2.WSGIApplication([('/', MyHandler),], debug=True)

The development web server simulates Google Accounts using its own sign-in and sign-out facilities. When you sign in to your application on the development web server, the server prompts you for an email address to use for the session. See The Development Web Server for more information.

Tip: An easy way to restrict access to a part of your application to signed in users is to use the login: required configuration element for the URL handler. See Configuring an App.