Last active
August 29, 2015 13:56
-
-
Save icsaas/8971067 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def authenticated(method): | |
"""Decorate methods with this to require that the user be logged in.""" | |
@functools.wraps(method) | |
def wrapper(self, *args, **kwargs): | |
if not self.current_user: | |
if self.request.method == "GET": | |
url = self.get_login_url() | |
if "?" not in url: | |
url += "?" + urllib.urlencode(dict(next=self.request.uri)) | |
self.redirect(url) | |
return | |
raise HTTPError(403) | |
return method(self, *args, **kwargs) | |
return wrapper | |
def get_current_user(self): | |
user_json = self.get_secure_cookie("chatdemo_user") | |
if not user_json: return None | |
return tornado.escape.json_decode(user_json) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class AuthLoginHandler(BaseHandler): | |
def get(self): | |
try: | |
errormessage = self.get_argument("error") | |
except: | |
errormessage = "" | |
self.render("login.html", errormessage = errormessage) | |
class AuthLogoutHandler2(BaseHandler): | |
def get(self): | |
self.clear_cookie("user") | |
self.redirect(self.get_argument("next", "/")) | |
class AuthLoginHandler(BaseHandler): | |
def get(self): | |
try: | |
errormessage = self.get_argument("error") | |
except: | |
errormessage = "" | |
self.render("login.html", errormessage = errormessage) | |
def check_permission(self, password, username): | |
if username == "admin" and password == "admin": | |
return True | |
return False | |
def post(self): | |
username = self.get_argument("username", "") | |
password = self.get_argument("password", "") | |
auth = self.check_permission(password, username) | |
if auth: | |
self.set_current_user(username) | |
self.redirect(self.get_argument("next", u"/")) | |
else: | |
error_msg = u"?error=" + tornado.escape.url_escape("Login incorrect") | |
self.redirect(u"/auth/login/" + error_msg) | |
def set_current_user(self, user): | |
if user: | |
self.set_secure_cookie("user", tornado.escape.json_encode(user)) | |
else: | |
self.clear_cookie("user") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<form action="/auth/login/" method="post" id="login_form"> | |
<fieldset> | |
<label for="username">Username</label> | |
<input class="text-input" id="username" name="username" type="text" value=""> | |
</fieldset> | |
<fieldset> | |
<label for="password">Password</label> | |
<input class="text-input" id="password" name="password" type="password" value=""> | |
</fieldset> | |
<fieldset> | |
<span class="errormessage"></span> | |
</fieldset> | |
<div id="form_btn"> | |
<input id="signin-btn" class="btn btn-blue" type="submit" value="Sign In" tabindex="3"> | |
</div> | |
</form> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment