All of them ... I'm studying the storm doctor and I have come into the open id mix, so I myself The thought of "Wicked password system on my side", then how I applied it, was the only example of this:
class GoogleHandler (tornado.web.RequestHandler, tornado.auth.GoogleMixin): @ Tornado.web.asynchronous def (self): If self.get_argument ("openid.mode", none): self.get_authenticated_user (self.async_callback (self._on_auth)) self-authentication_redirect () def _on_auth (self, User): if No users: raise tornado.web.HTTPError (500, "Google auth failed") which does not show large pictures, routes, apps, etc. # With the save user, for example For, set_secure_cookie ()
So my question is how is it fit in the big picture which is a storm site.
This handler does not depend on other parts of the application, Set on something like 'google /' and keep a link to this url on your website.
The user clicks on it and gets redirected to Google Earth Page (if it is logged out of Google) or asks a page to allow it to obtain its basic information. If the user accepts - the browser is redirected to this URL handler and the control comes in the _on_auth method, where the user object, if present, is in the user Sector email, a group of settings name, location and other stuff (just dump these Varyum login to see it). At this point you can do whatever you want with this data, but in general it may look like this:
- Check if your This email is in the database
- If you have: You can retrieve the ID and set it in your (secure) cookies
- If it is not present: You create it from the data provided, you can save it in the database, alternatively the autogenent that You can also send email with the password and set a cookie
- Redirect somewhere in your application: its profiles, homepage or whatever you want
- Your users can now Cookie is available in all other handlers of, generally you will use it when overriding the RequestHandler.get_current_user method
Comments
Post a Comment