Last active
December 12, 2015 08:39
-
-
Save guillaumevincent/4745647 to your computer and use it in GitHub Desktop.
Basic authentication with Tornado.
Tornado doesn't provide a good documentation when you try to handle your own login service. I tried to do mine
My new gist : https://gist.github.com/guillaumevincent/4771570
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import tornado.auth | |
| import tornado.escape | |
| import tornado.httpserver | |
| import tornado.ioloop | |
| import tornado.options | |
| import tornado.web | |
| import Settings | |
| from tornado.options import define, options | |
| define("port", default=8888, help="run on the given port", type=int) | |
| class Application(tornado.web.Application): | |
| def __init__(self): | |
| handlers = [ | |
| (r"/", MainHandler), | |
| (r"/auth/login/", LoginHandler), | |
| (r"/auth/logout/", LogoutHandler), | |
| (r"/sb/", ScubabookHandler), | |
| ] | |
| settings = dict( | |
| template_path=Settings.TEMPLATE_PATH, | |
| static_path=Settings.STATIC_PATH, | |
| debug=Settings.DEBUG, | |
| cookie_secret=Settings.COOKIE_SECRET | |
| ) | |
| tornado.web.Application.__init__(self, handlers, **settings) | |
| class BaseHandler(tornado.web.RequestHandler): | |
| def get_current_user(self): | |
| user_json = self.get_secure_cookie("user") | |
| if user_json: | |
| return tornado.escape.json_decode(user_json) | |
| else: | |
| return None | |
| class MainHandler(tornado.web.RequestHandler): | |
| def get(self): | |
| try: | |
| errormessage = self.get_argument("error") | |
| except: | |
| errormessage = "" | |
| self.render("index.html", errormessage = errormessage) | |
| class LoginHandler(BaseHandler): | |
| def check_permission(self, password, username): | |
| if username == "admin" and password == "admin": | |
| return True | |
| return False | |
| def post(self): | |
| username = self.get_argument("username", "") | |
| password = self.get_argument("password", "") | |
| auth = self.check_permission(password, username) | |
| if auth: | |
| self.set_current_user(username) | |
| self.redirect(self.get_argument("next", u"/sb/")) | |
| else: | |
| error_msg = u"?error=" + tornado.escape.url_escape("Login incorrect") | |
| self.redirect(u"/" + error_msg) | |
| def set_current_user(self, user): | |
| if user: | |
| self.set_secure_cookie("user", tornado.escape.json_encode(user)) | |
| else: | |
| self.clear_cookie("user") | |
| class LogoutHandler(BaseHandler): | |
| def get(self): | |
| self.clear_cookie("user") | |
| self.redirect(u"/") | |
| class ScubabookHandler(tornado.web.RequestHandler): | |
| def get_current_user(self): | |
| return self.get_secure_cookie("user") | |
| def get(self): | |
| if not self.current_user: | |
| self.redirect("/") | |
| return | |
| username = self.current_user | |
| self.write('Hi there, '+ username) | |
| def main(): | |
| tornado.options.parse_command_line() | |
| http_server = tornado.httpserver.HTTPServer(Application()) | |
| http_server.listen(options.port) | |
| tornado.ioloop.IOLoop.instance().start() | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment