CODEWITHSUNDEEP
pythonopeniddocumenttornado
Jakob Bowyer
Jakob Bowyer

Reputation: 34688

Setting up openId in tornado python

Hey all... I have been reading the tornado doc and came across open id mixin so I thought to myself "Wicked no horrid password system on my side" then I looked into how to implement it, the only example I came across was this

class GoogleHandler(tornado.web.RequestHandler, tornado.auth.GoogleMixin):
    @tornado.web.asynchronous
    def get(self):
        if self.get_argument("openid.mode", None):
            self.get_authenticated_user(self.async_callback(self._on_auth))
            return
        self.authenticate_redirect()

    def _on_auth(self, user):
        if not user:
            raise tornado.web.HTTPError(500, "Google auth failed")

Which doesn't show the bigger picture, like routes, appsettings etc etc # Save the user with, e.g., set_secure_cookie()

So my question is. How does this fit into the bigger picture that is a tornado site.

Upvotes: 3

Views: 1160

Answers (1)

Ivan Blinkov
Ivan Blinkov

Reputation: 2554

This handler does not depend on other parts of application, you just set it on something like '/login/google' in url conf and place a link to this url somewhere on your website.

User clicks on it and gets redirected to google auth page (if it's logged out of google) or to a page asking to grant permission to acces his/her basic info. If user accepts - browser gets redirected back on this url handler and control comes to _on_auth method, where the user object, if present, contains a dict with user's email, name, location settings and a bunch of other stuff (just dump this variable to logs to see all of it).

At this point you can do whatever you want with this data, but in general it can look something like this:

  1. check whether you have user with this email in database
  2. if you have: you retrieve it's id and set it to his (secure) cookies
  3. if it is not present: you create it with provided data, save to database, optionally send email with autogenerated password and also set the cookie
  4. redirect somewhere else in your application: to his profile, home page or whatever you need
  5. now your user has cookie available in all other handlers, usually you will use it while overriding RequestHandler.get_current_user method

Upvotes: 6

Related Questions