Day 6–7: the login ship has not yet set sail

>>> Brief Summary

As it’s the weekend, I’ll combine my journal posts about the last 48 hours into one, though I actively worked on Athena both days. However, most of that time was not actually spent in my app at all, but crawling the internet for beginner-level information about login/logout patterns, sessions, cookies, and all the different types of authentication handshakes that can occur while interacting with a web app. Having absolutely no background, this quest was actually horrifying and difficult, and I wish I could take a college class in the subject. It made me want to write a much more well-researched Medium post about “login for beginners,” which I’ll work on next week if I can ever figure out anything for certain.

To begin at the beginning, at least: the phrase “log in” is, we think, was borrowed from the practice of keeping a log on board a ship during a voyage*. So every time you “log in” to an app, like Medium, for example, there is a sort of log about you and your personal voyage on that app, to which you (and others) can contribute. Logging in is securely making the connection to that log book, or that storage space, and in the process authenticating you as user of the app and giving you permission to access certain parts of it. That’s about as far as I’ve gotten.

>>>Where I struggled

First off, conceptually! The vocabulary on this subject is confusing, assumptive, and overlapping depending on the web framework. I’ll spend at least the next working day reading about login/logout and the https handshake before I give up and just use the basic Flask example, however, because I am finding it all quite fascinating.

Second, I got bogged down with all the Python/Flask examples out there using the WTForms Python Package, because I didn’t want to spend time trying to figure out how to use WTForms to make a stupid email/password login form. That seems outrageously over-engineered and sort of at-odds with using Bootstrap, which relies heavily on html class attributes/parameters that I do not plan on building in to the ORM to work with WTForms. I just wanted an example of dealing with authenticating/storing an email address and checking against an encrypted password. I’m not even sure if I’m saying that right.

>>>Thoughtful Takeaway

This was the first big concept I attempted to tackle on my own with no context from class, and it was exponentially more difficult, lonely, and frankly embarrassing to work on. I did get the opportunity to work with one of my mentors on it at the beginning, but then I didn’t know enough to know what to ask.

I can’t wait to talk with someone else about it. Maybe that was the problem all along.

*A nice voyage into the origins of logging in.