Being retro can be painful. Instead of using a login page, I wanted to use HTTP Authorization with my web.py based Franklin-like planner. Turns out you need to tell fastcgi to pass the relevant environment variable to the underlying process, and you also need to tell apache to pass the authorization in via a modrewrite hack.
Granted this will be replaced by an https-based login at some point. Still, the idea of passing apache2 HTTP internals to scripts via environment variables seems a noteworthy (and probably completely misguided since I'm not super familiar with apache internals) hack.