Discusses how to use the Tornado server to create powerful web applications, covering how to modify templates, use persistent storage, secure applications from vulnerabilities, and authenticate applications with external services.
Author(s): Michael Dory; Adam Parrish; Brendan Berg
Publisher: "O'Reilly Media, Inc."
Year: 2011
Language: English
Pages: 121
Table of Contents
Preface
Conventions Used in This Book
Using Code Examples
Safari® Books Online
How to Contact Us
Acknowledgements
Chapter 1. Introduction
What Is Tornado?
Getting Started with Tornado
Community and Support
Simple Web Services
Hello Tornado
The handlers Parameter
Specifying paths with regular expressions
String Service
More About RequestHandlers
HTTP methods
HTTP status codes
Next Steps
Chapter 2. Forms and Templates
Simple Example: Poem Maker Pro
Rendering Templates
Interpolation
Template Syntax
Interpolating Expressions
Control Flow Statements
Using Functions Inside Templates
Complete Example: The Alpha Munger
How It Works
Serving Static Files
Setting the static_path
Generating static URLs with static_url
Next Steps with Templates
Chapter 3. Extending Templates
Blocks and Substitutions
Basics of Blocks
Templates in Practice: Burt’s Books
Autoescaping
UI Modules
Basic Module Usage
Modules in Depth
Embedding JavaScript and CSS
Summing Up
Chapter 4. Databases
Basic MongoDB Operations with PyMongo
Establishing a Connection
Dealing with Documents
MongoDB Documents and JSON
A Simple Persistent Web Service
A Read-Only Dictionary
Writing the Dictionary
Burt’s Books
Reading Books (From the Database)
Editing and Adding Books
Rendering the edit form
Retrieving book information from the database
Saving to the database
MongoDB: Next Steps
Chapter 5. Asynchronous Web Services
Asynchronous Web Requests
Starting Synchronous
The Trouble with Blocking
Basic Asynchronous Calls
The asynchronous Decorator and the finish Method
Asynchronous Generators
Summary of Asynchronous Operations
Long Polling with Tornado
The Benefits of Long Polling
Example: Live Inventory Reporting
The Downsides of Long Polling
WebSockets with Tornado
Tornado’s WebSocket Module
Example: Live Inventory with WebSockets
The Future of WebSockets
Chapter 6. Writing Secure Applications
Cookie Vulnerabilities
Cookie Forgery
Secure Cookies
Using Secure Cookies
HTTP-Only and SSL Cookies
Request Vulnerabilities
Anatomy of a Cross-Site Request Forgery
Defending Against Request Forgeries
Using Tornado’s XSRF protection
XSRF Tokens and AJAX Requests
User Authentication
Example: Welcome Back
The authenticated Decorator
The current_user property
The login_url setting
Summing up
Chapter 7. Authenticating with External Services
The Tornado auth Module
The Authorization Workflow
Asynchronous Requests
Example: Sign in With Twitter
Example: Facebook Authentication and the Graph API
Chapter 8. Deploying Tornado
Reasons for Running Multiple Tornado Instances
Using Nginx as a Reverse Proxy
Basic Nginx Configuration
SSL Decryption with Nginx
Using Supervisor to Manage Tornado Processes
