If your project is going to require users to log in with a Princeton netid, you should use CAS, which has the great advantage that the user's password is sent only to a trusted third party (i.e., not you) that determines securely whether it is a valid Princeton netid and does not return to your code unless it is.
Your system might display a welcome page like this one, with a login link that points to the authentication page. After a successful call to CASClient's Authenticate(), the authentication page would set a session cookie indicating successful login and redirect to a page inside the site.
Here is a PHP version:
The PHP client code is CASClient.php and the PHP test script is CAStest.php.
Here is a Python version:
The Python client code is CASClient.py, the Python CGI script is CAStestpy.cgi.
Here is a Java version:
The Java client code is CASClient.java, the Java CGI script is CAStestjava.cgi, and the test program is CAStest.java.
The PHP version is by Alex Halderman '03, with contributions from Avi Flamholz '07 and Scott Karlin *03; thanks to all of them. The Python version is bwk's transliteration from the PHP. The Java version is by Bob Dondero, as is the corrected PHP version; many thanks to him as well. Andrew Timmes of CS Staff fixed up the Java version in 2015; thanks.
A pretty cryptic description of the underlying system is found at this OIT site.