def auth_factory(app, handler):
@asyncio.coroutine
def auth(request):
logging.info('check user: {} {}'.format(request.method, request.path))
request.__user__ = None
cookie_str = request.cookies.get(COOKIE_NAME)
if cookie_str:
user = yield from cookie2user(cookie_str)
if user:
logging.info('set current user: {}'.format(user.email))
request.__user__ = user
if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
return web.HTTPFound('/signin')
return (yield from handler(request))
return auth
评论列表
文章目录
