Airlock is a lightweight, web-security-concious wrapper for webapp2 on Google App Engine. It provides oauth2 integration for identity management with Google Accounts, sessions, and user management.
Airlock is a drop-in replacement for several webapp2 and protorpc
objects. Specifically, it wraps remote.Service, webapp2.WSGIApplication,
and webapp2.RequestHandler to provide authentication and session features
via oauth2 and the oauth2client library.
| original | airlock variant |
|---|---|
protorpc.remote.Service |
airlock.Service |
webapp2.RequestHandler |
airlock.Handler |
webapp2.WSGIApplication |
airlock.WSGIApplication |
- Oauth2 integration with Google Accounts (sign in and sign out).
- Anonymous user/session support.
- A standard configuration format for specifying the security characteristics of an application.
- Provides a framework for setting the following headers:
- Content security policy.
- HSTS policy.
- XSRF.
- Download client secrets.
- In appengine config, use airlock.set_config
- Use airlock's subclasses.
- Set up a
Usermodel.