python – How to check users cookie in tornado object orientally?

python – How to check users cookie in tornado object orientally?

if your usecase is user authentication this is perfectly handled in tornado using the @tornado.web.authenticated decorator on any method with secured access in your handlers.
This will call the get_current_user method of the handler which you can implement in the Baseclass (Which would be your ParentClass in your example)

For more info and working code see the excerpt below which I have taken from the according tornado documentation

User authentication

The currently authenticated user is available in every request handler
as self.current_user, and in every template as current_user. By
default, current_user is None.

To implement user authentication in your application, you need to
override the get_current_user() method in your request handlers to
determine the current user based on, e.g., the value of a cookie. Here
is an example that lets users log into the application simply by
specifying a nickname, which is then saved in a cookie:

class BaseHandler(tornado.web.RequestHandler):
    def get_current_user(self):
        return self.get_secure_cookie(user)

class MainHandler(BaseHandler):
    def get(self):
        if not self.current_user:
            self.redirect(/login)
            return
        name = tornado.escape.xhtml_escape(self.current_user)
        self.write(Hello,  + name)

class LoginHandler(BaseHandler):
    def get(self):
        self.write(<html><body><form action=/login method=post>
                   Name: <input type=text name=name>
                   <input type=submit value=Sign in>
                   </form></body></html>)

    def post(self):
        self.set_secure_cookie(user, self.get_argument(name))
        self.redirect(/)

application = tornado.web.Application([
    (r/, MainHandler),
    (r/login, LoginHandler),
], cookie_secret=__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__)

You can require that the user be logged in using the Python decorator
tornado.web.authenticated. If a request goes to a method with this
decorator, and the user is not logged in, they will be redirected to
login_url (another application setting). The example above could be
rewritten:

class MainHandler(BaseHandler):
    @tornado.web.authenticated
    def get(self):
        name = tornado.escape.xhtml_escape(self.current_user)
        self.write(Hello,  + name)

settings = {
    cookie_secret: __TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__,
    login_url: /login,
}
application = tornado.web.Application([
    (r/, MainHandler),
    (r/login, LoginHandler),
], **settings)

python – How to check users cookie in tornado object orientally?

Leave a Reply

Your email address will not be published.