On 04/01/07, Ross Paterson
Authentication would only happen when you upload a package. Do you have an alternative suggestion?
The normal authentication methods for web applications. Store a database of (username, password) pairs. A user becomes logged in by setting two cookies, one to indicate their username and one to indicate their password (or often the MD5 hash of their password). To authenticate a user, you check that these cookies are present, that the value of the username cookie appears in the database and that the password cookie matches the corresponding password pulled from the database. I'm not actually that familiar with HTTP Auth itself, just with Trac. But if you want to save frequent contributors tearing their hear out, at least consider this. :) -- -David House, dmhouse@gmail.com