/gist:415678

## gistfile1.pyw
class AuthMixin(object):
    def get_authenticated_user(self, callback, username, hashed_password, domain):
        url = "http://%s%s%s/%s/" % (domain, "/api/user/username/", username, hashed_password)
        http = tornado.httpclient.AsyncHTTPClient()
        http.fetch(url, callback=self.async_callback(self._parse_response, callback))

    def _parse_response(self, callback, response):
        print "Get response"
        if response.error:
            logging.warning("HTTP error from Auth API: %s", response.error)
            callback(None)
            return
        try:
            answer = tornado.escape.json_decode(response.body)
        except:
            logging.warning("Invalid JSON from Auth API: %r", response.body)
            callback(None)
            return
        callback(answer)

class BaseHandler(tornado.web.RequestHandler, AuthMixin):
    @tornado.web.asynchronous
    def get_current_user(self):
        #import pdb; pdb.set_trace()
        user_id = self.get_secure_cookie("user")
        user_cookie = self.get_cookie("lp_login")
        url = urlparse("http://%s" % self.request.host)
        domain = url.netloc.split(":")[0]
        if user_id:
            self.set_secure_cookie("user", user_id)
            return Author.objects.get(id=int(user_id))
        elif user_cookie:
            try:
                 username, hashed_password = urllib.unquote(user_cookie).rsplit(',',1)
            except ValueError:
                # check against malicious clients
                return None
            #self.redirect("/auth/clogin?next=%s&u=%s&h=%s" % (self.request.path, username, hashed_password))
            self.get_authenticated_user(self.async_callback(self.on_response), username, hashed_password, domain)
        else:
            return None

    def on_response(self, answer):
        username = answer['username']
        if answer["has_valid_credentials"]:
            # Get user_id here
            print user_id
            self.set_secure_cookie("user", user_id)

## gistfile2.txt

      
    Raw
  

              gistfile2.txt
	class AuthMixin(object):
	def get_authenticated_user(self, callback, username, hashed_password, domain):
	url = "http://%s%s%s/%s/" % (domain, "/api/user/username/", username, hashed_password)
	http = tornado.httpclient.AsyncHTTPClient()
	http.fetch(url, callback=self.async_callback(self._parse_response, callback))

	def _parse_response(self, callback, response):
	print "Get response"
	if response.error:
	logging.warning("HTTP error from Auth API: %s", response.error)
	callback(None)
	return
	try:
	answer = tornado.escape.json_decode(response.body)
	except:
	logging.warning("Invalid JSON from Auth API: %r", response.body)
	callback(None)
	return
	callback(answer)

	class BaseHandler(tornado.web.RequestHandler, AuthMixin):
	@tornado.web.asynchronous
	def get_current_user(self):
	#import pdb; pdb.set_trace()
	user_id = self.get_secure_cookie("user")
	user_cookie = self.get_cookie("lp_login")
	url = urlparse("http://%s" % self.request.host)
	domain = url.netloc.split(":")[0]
	if user_id:
	self.set_secure_cookie("user", user_id)
	return Author.objects.get(id=int(user_id))
	elif user_cookie:
	try:
	username, hashed_password = urllib.unquote(user_cookie).rsplit(',',1)
	except ValueError:
	# check against malicious clients
	return None
	#self.redirect("/auth/clogin?next=%s&u=%s&h=%s" % (self.request.path, username, hashed_password))
	self.get_authenticated_user(self.async_callback(self.on_response), username, hashed_password, domain)
	else:
	return None

	def on_response(self, answer):
	username = answer['username']
	if answer["has_valid_credentials"]:
	# Get user_id here
	print user_id
	self.set_secure_cookie("user", user_id)