|Macoy Madson 437e85c503||11 months ago|
|templates||11 months ago|
|webInterfaceNoAuth||11 months ago|
|.gitignore||11 months ago|
|AuthenticatedServer.py||11 months ago|
|Generate_Certificates.py||1 year ago|
|LICENSE||1 year ago|
|PasswordManager.py||11 months ago|
|ReadMe.org||11 months ago|
A template for adding login authenticated users.
For personal use only, as there is no support for creating new accounts without direct server access.
I'm no expert, so use and trust at your own risk! This security is essentially a cheap padlock which keeps honest people honest and undetermined intruders out.
git clone https://github.com/makuto/tornado-authenticated-template
The following dependencies are required:
pip install tornado passlib bcrypt argon2_cffi
You'll want to use Python 3, which for your environment may require you to specify
pip3 instead of just
cd tornado-authenticated-template/ ./Generate_Certificates.sh
This step is only required if you want to use SSL, which ensures you have an encrypted connection to the server.
Open localhost:8888 in any web browser
If your web browser complains about the certificate, you may have to click
Advanced and add the certificate as trustworthy, because you've signed the certificate and trust yourself :). If you want to get rid of this, you'll need to get a signing authority like
LetsEncrypt to generate your certificate.
When you first run the server, the Create Account interface will automatically show up when visiting localhost:8888.
Note that this will be the only account that can be created through the web interface. If you want to let others create accounts, open AuthenticatedServer.py and set
enable_subsequent_account_creation = True. Then, anyone may visit localhost:8888/createNewAccount to create a new account.
You can use
PasswordManager.py to edit file
accounts.json with hashed (and salted) passwords:
If you want to reset all accounts, simply delete
You should now see a Login page before being able to access any content.
Note that all login cookies will be invalidated each time you restart the server.