1.重寫get_current_user()方法
class BaseHandler(tornado.web.RequestHandler): def get_current_user(self): return self.get_secure_cookie("username")
獲取cookie中用戶信息
2.登錄url
class LoginHandler(BaseHandler): def get(self): self.render('login.html') def post(self): self.set_secure_cookie("username", self.get_argument("username")) self.redirect("/")
代碼是簡單的示例,沒有做登錄驗證
3.主界面url
class WelcomeHandler(BaseHandler): @tornado.web.authenticated def get(self): self.render('index.html', user=self.current_user)
@tornado.web.authenticated裝飾器包裹get方法時,表示這個方法只有在用戶合法時才會調用,authenticated裝飾器會調用get_current_user()方法獲取current_user的值,若值為False,則重定向到登錄url
4.退出登錄url
class LogoutHandler(BaseHandler): def get(self): if (self.get_argument("logout", None)): self.clear_cookie("username") self.redirect("/")
刪除cookie中的用戶,重定向到登錄url
5.服務器設置
if __name__ == "__main__": tornado.options.parse_command_line() settings = { "template_path": os.path.join(os.path.dirname(__file__), "templates"), "cookie_secret": "bZJc2sWbQLKos6GkHn/VB9oXwQt8S0R0kRvJ5/xJ89E=", "xsrf_cookies": True, "login_url": "/login" } application = tornado.web.Application([ (r'/', WelcomeHandler), (r'/login', LoginHandler), (r'/logout', LogoutHandler) ], **settings) http_server = tornado.httpserver.HTTPServer(application) http_server.listen(options.port) tornado.ioloop.IOLoop.instance().start()
login_url參數設定了登錄url