Digest and basic authentication for tornado
Project description
Digest and basic authentication for the Tornado web framework. Based on code and ideas from Twisted’s cred.
Installation
The latest stable version of tornado-ansi-markup can be installed from pypi:
$ pip install tornado-http-auth
Usage
import tornado.ioloop
from tornado.web import RequestHandler, Application
from tornado_http_auth import DigestAuthMixin, BasicAuthMixin, auth_required
credentials = {'user1': 'pass1'}
# Example 1 (using decorator).
class MainHandler(DigestAuthMixin, RequestHandler):
@auth_required(realm='Protected', auth_func=credentials.get)
def get(self):
self.write('Hello %s' % self._current_user)
# Example 2 (using prepare and get_authentciated_user).
class MainHandler(BasicAuthMixin, RequestHandler):
def prepare(self):
self.get_authenticated_user(check_credentials_func=credentials.get, realm='Protected')
def get(self):
self.write('Hello %s' % self._current_user)
app = Application([
(r'/', MainHandler),
])
app.listen(8888)
tornado.ioloop.IOLoop.current().start()
# curl --user user1:pass1 -v http://localhost:8888 -> 200 OK
# curl --user user2:pass2 -v http://localhost:8888 -> 401 Unauthorized
# Remove or comment second class
# curl --digest --user user1:pass1 -v http://localhost:8888 -> 200 OK
# curl --digest --user user2:pass2 -v http://localhost:8888 -> 401 Unauthorized
License
This project is released under the terms of the Apache License, Version 2.0.