Public Member Functions | |
| def | authenticate_redirect |
| def | authorize_redirect |
| def | facebook_request |
| def | get_authenticated_user |
Private Member Functions | |
| def | _on_get_user_info |
| def | _parse_response |
| def | _signature |
Facebook Connect authentication.
New applications should consider using `FacebookGraphMixin` below instead
of this class.
To authenticate with Facebook, register your application with
Facebook at http://www.facebook.com/developers/apps.php. Then
copy your API Key and Application Secret to the application settings
'facebook_api_key' and 'facebook_secret'.
When your application is set up, you can use this Mixin like this
to authenticate the user with Facebook::
class FacebookHandler(tornado.web.RequestHandler,
tornado.auth.FacebookMixin):
@tornado.web.asynchronous
def get(self):
if self.get_argument("session", None):
self.get_authenticated_user(self.async_callback(self._on_auth))
return
self.authenticate_redirect()
def _on_auth(self, user):
if not user:
raise tornado.web.HTTPError(500, "Facebook auth failed")
# Save the user using, e.g., set_secure_cookie()
The user object returned by get_authenticated_user() includes the
attributes 'facebook_uid' and 'name' in addition to session attributes
like 'session_key'. You should save the session key with the user; it is
required to make requests on behalf of the user later with
facebook_request().
| def tornado.auth.FacebookMixin._on_get_user_info | ( | self, | |
| callback, | |||
| session, | |||
| users | |||
| ) | [private] |
| def tornado.auth.FacebookMixin._parse_response | ( | self, | |
| callback, | |||
| response | |||
| ) | [private] |
| def tornado.auth.FacebookMixin._signature | ( | self, | |
| args | |||
| ) | [private] |
| def tornado.auth.FacebookMixin.authenticate_redirect | ( | self, | |
callback_uri = None, |
|||
cancel_uri = None, |
|||
extended_permissions = None |
|||
| ) |
| def tornado.auth.FacebookMixin.authorize_redirect | ( | self, | |
| extended_permissions, | |||
callback_uri = None, |
|||
cancel_uri = None |
|||
| ) |
Redirects to an authorization request for the given FB resource. The available resource names are listed at http://wiki.developers.facebook.com/index.php/Extended_permission. The most common resource types include: * publish_stream * read_stream * email * sms extended_permissions can be a single permission name or a list of names. To get the session secret and session key, call get_authenticated_user() just as you would with authenticate_redirect().
| def tornado.auth.FacebookMixin.facebook_request | ( | self, | |
| method, | |||
| callback, | |||
| args | |||
| ) |
Makes a Facebook API REST request.
We automatically include the Facebook API key and signature, but
it is the callers responsibility to include 'session_key' and any
other required arguments to the method.
The available Facebook methods are documented here:
http://wiki.developers.facebook.com/index.php/API
Here is an example for the stream.get() method::
class MainHandler(tornado.web.RequestHandler,
tornado.auth.FacebookMixin):
@tornado.web.authenticated
@tornado.web.asynchronous
def get(self):
self.facebook_request(
method="stream.get",
callback=self.async_callback(self._on_stream),
session_key=self.current_user["session_key"])
def _on_stream(self, stream):
if stream is None:
# Not authorized to read the stream yet?
self.redirect(self.authorize_redirect("read_stream"))
return
self.render("stream.html", stream=stream)
| def tornado.auth.FacebookMixin.get_authenticated_user | ( | self, | |
| callback | |||
| ) |