Fork me on GitHub

Cork - Authentication for the Bottle web framework

Cork provides a simple set of methods to implement Authentication and Authorization in web applications based on Bottle.

It is designed to stay out of the way and let you focus on what your application should do.

Cork is under development - contributions are welcome.


  • Minimal design, easy to tweak.
  • Multiple storage backends are supported:
  • Simple role-based authentication. User are authorized by role e.g. ‘admin’, ‘user’, ‘editor’.
    • Admin users can create and delete user accounts and roles.
  • User registration and password reset using email delivery and confirmation.
  • Unit-tested and code covered


  • 2013-09-22: Version 0.10
    • Decorator support added. #6
    • ‘last_login’ user attribute added. #47 #48
    • In-memory SQLite Database support added.
    • CONTRIBUTORS.txt added
    • Bugfix: configurable role table name #46
    • Bugfix: email address #42
  • 2013-07-07: Version 0.9
    • SQLite support added.
    • SMTP URL bugfix #38
  • 2013-05-27: Version 0.8
  • 2013-04-08: Version 0.7
    • Configurable backend support added.
    • SQLAlchemy and MongoDB support added.
    • Closes: #8 #27 #28
  • 2013-01-27: Version 0.6
    • More flexible file naming in JsonBackend.
    • Fixed function to update user’s email address.
    • More informative log message for missing Pycrypto.


  • Additional hooks to provide logging or user-defined functions in case of login()/require() failure
  • Hooks to share session data between multiple hosts
  • Flask support

Basic usage

See the Howto.


$ pip install bottle-cork
$ easy_install bottle-cork

Use virtualenv on package-based Linux distributions! Learn why

Fully working examples are provided with the sources

Indices and tables