A basic Tornado setup for an authenticated login
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
Macoy Madson 437e85c503 Use global paths for stylesheet 11 months ago
templates Use global paths for stylesheet 11 months ago
webInterfaceNoAuth Added account support 11 months ago
.gitignore Added account support 11 months ago
AuthenticatedServer.py Added account support 11 months ago
Generate_Certificates.py Added authenticated server 1 year ago
LICENSE Initial commit 1 year ago
PasswordManager.py Added account support 11 months ago
ReadMe.org Added account support 11 months ago

ReadMe.org

Tornado Authenticated Server

A template for adding login authenticated users.

For personal use only, as there is no support for creating new accounts without direct server access.

I'm no expert, so use and trust at your own risk! This security is essentially a cheap padlock which keeps honest people honest and undetermined intruders out.

Directions

1. Clone this repository

git clone https://github.com/makuto/tornado-authenticated-template

2. Install python dependencies

The following dependencies are required:

pip install tornado passlib bcrypt argon2_cffi

You'll want to use Python 3, which for your environment may require you to specify pip3 instead of just pip.

3. Generate SSL keys

cd tornado-authenticated-template/
./Generate_Certificates.sh

This step is only required if you want to use SSL, which ensures you have an encrypted connection to the server.

4. Run the server

python3 AuthenticatedServer.py

5. Test it

Open localhost:8888 in any web browser

If your web browser complains about the certificate, you may have to click Advanced and add the certificate as trustworthy, because you've signed the certificate and trust yourself :). If you want to get rid of this, you'll need to get a signing authority like LetsEncrypt to generate your certificate.

Creating accounts

Create your account(s)

Creating accounts from the web interface

When you first run the server, the Create Account interface will automatically show up when visiting localhost:8888.

Note that this will be the only account that can be created through the web interface. If you want to let others create accounts, open AuthenticatedServer.py and set enable_subsequent_account_creation = True. Then, anyone may visit localhost:8888/createNewAccount to create a new account.

Creating accounts from the command line

You can use PasswordManager.py to edit file accounts.json with hashed (and salted) passwords:

python3 PasswordManager.py

If you want to reset all accounts, simply delete accounts.json.

Restart your server

You should now see a Login page before being able to access any content.

Note that all login cookies will be invalidated each time you restart the server.