This section contains tutorials about how to implement authentication and authorization in a Pylons app. Authentication refers specifically to ascertaining who the current user is and providing a login screen. Authorization refers to how you use this information; e.g., selectively denying access to parts of the site depending on who the user is, or redirecting to the authentication code if the user is not logged in. The abbreviation auth is used to refer to both authentication and authorization.
Pylons does not have a built-in auth system, but many applications use repoze.who (authentication) and repoze.what (authorization), which are also the official auth^2 libraries in TurboGears. There are also tutorials here for building your own auth system from scratch. (AuthKit, an older library, is no longer maintained.)
