Tornado provides get_current_user() method to determine if the user is already logged in. Developers need to override this method to get the current user and that can be done through cookies (secure). Every logged-in user, is represented by Tornado as self.current_user. By default this value is set to None.
http://technobeans.wordpress.com/2012/08/14/tornado-authentication/
import tornado.ioloop import tornado.web class Main(tornado.web.RequestHandler): def get_current_user(self): return self.get_secure_cookie("user") def get(self): if not self.current_user: self.redirect("/login") return username = self.current_user self.write('Hi there, '+ username) class Login(Main): def get(self): self.render('auth.html') def post(self): self.set_secure_cookie("user", self.get_argument("username")) self.redirect("/") application = tornado.web.Application([ (r"/", Main), (r"/login", Login), (r"/(style\.css)",tornado.web.StaticFileHandler, {"path": "./css/"}), ],debug=True, cookie_secret="61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=") if __name__ == "__main__": application.listen(8888) tornado.ioloop.IOLoop.instance().start()
No comments:
Post a Comment