def auth_factory(app, handler):
@asyncio.coroutine
def auth(request):
logging.info('check user: %s %s' % (request.method, request.path))
request.__user__ = None # ?????__user__????None
cookie_str = request.cookies.get(COOKIE_NAME) # ??cookie?????cookie????COOKIE_NAME??headlers??????
if cookie_str:
user = yield from cookie2user(cookie_str) # ??cookie????????
if user:
logging.info('set current user: %s' % user.email)
request.__user__ = user # ???????????
# ???????????????????????????????
if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
return web.HTTPFound('/signin')
return (yield from handler(request))
return auth
# ????????POST?????????
评论列表
文章目录