From f4a9232eef3497b31117efffe83ff27b8a417401 Mon Sep 17 00:00:00 2001
From: Andrew Svetlov <andrew.svetlov@gmail.com>
Date: Thu, 26 Nov 2015 14:09:01 +0200
Subject: [PATCH 1/2] Add couple sentences to the doc

---
 docs/example.rst |  2 +-
 docs/usage.rst   | 19 +++++++++++++++----
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/docs/example.rst b/docs/example.rst
index eb88231..9a29c8d 100644
--- a/docs/example.rst
+++ b/docs/example.rst
@@ -43,7 +43,7 @@ How to Make a Simple Server With Authorization
     def init(loop):
         # set up identity and auth
         auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',),
-                                                     'you': ('view_user', 
+                                                     'you': ('view_user',
                                                              'edit_user',)})
         identity_policy = CookieIdentityPolicy()
         auth = authorization_middleware(auth_policy, identity_policy)
diff --git a/docs/usage.rst b/docs/usage.rst
index 62d9ccf..471e879 100644
--- a/docs/usage.rst
+++ b/docs/usage.rst
@@ -8,17 +8,28 @@
 .. currentmodule:: aiohttp_security
 .. highlight:: python
 
-The library is build on top of two policies: :term:`authentication`
-and :term:`authorization` and public API.
 
-API is policy agnostic, all client code should not call policy code
-directly but use API only.
+First of all, what is *aiohttp_security* about?
+
+It is a set of public API functions and standard for implementation details.
+
+API is implementation agnostic, all client code should not call policy
+code (see below) directly but use API only.
 
 Via API application can remember/forget user in local session
 (:func:`remember`/:func:`forget`), retrieve :term:`userid`
 (:func:`authorized_userid`) and check :term:`permission` for
 remembered user (:func:`permits`).
 
+The library internals are built on top of two policies:
+:term:`authentication` and :term:`authorization`. There are abstract
+base classes for both concepts as well as several implementations
+shipped with the library. End user is free to build own implemetations
+if needed.
+
+Public API
+==========
+
 
 Authentication
 ==============

From 77ed3154e34369ac06a6ea2b409d9370f14f4637 Mon Sep 17 00:00:00 2001
From: Andrew Svetlov <andrew.svetlov@gmail.com>
Date: Thu, 26 Nov 2015 20:09:00 +0200
Subject: [PATCH 2/2] Work on demo

---
 aiohttp_security/__init__.py |  3 +++
 demo/db_auth.py              |  6 ++---
 demo/main.py                 | 46 ++++++++++++++++++++++++++++++++++++
 3 files changed, 52 insertions(+), 3 deletions(-)
 create mode 100644 demo/main.py

diff --git a/aiohttp_security/__init__.py b/aiohttp_security/__init__.py
index 5e1acd1..27b7367 100644
--- a/aiohttp_security/__init__.py
+++ b/aiohttp_security/__init__.py
@@ -1,10 +1,13 @@
 from .abc import AbstractIdentityPolicy, AbstractAuthorizationPolicy
 from .api import remember, forget, setup, authorized_userid, permits
+from .cookies_identity import CookiesIdentityPolicy
+from .session_identity import SessionIdentityPolicy
 
 
 __version__ = '0.1.0'
 
 
 __all__ = ('AbstractIdentityPolicy', 'AbstractAuthorizationPolicy',
+           'CookiesIdentityPolicy', 'SessionIdentityPolicy',
            'remember', 'forget', 'authorized_userid',
            'permits', 'setup')
diff --git a/demo/db_auth.py b/demo/db_auth.py
index 14b18e1..52f1572 100644
--- a/demo/db_auth.py
+++ b/demo/db_auth.py
@@ -4,8 +4,8 @@ from aiohttp_security.authorization import AbstractAuthorizationPolicy
 
 
 class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
-    def __init__(self, db_pool):
-        self.db_pool = db_pool
+    def __init__(self, dbengine):
+        self.dbengine = dbengine
 
     @asyncio.coroutine
     def permits(self, identity, permission, context=None):
@@ -18,6 +18,6 @@ class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
 
     @asyncio.coroutine
     def authorized_user_id(self, identity):
-        with (yield from self.db_pool) as conn:
+        with (yield from self.dbengine) as conn:
             conn
         return identity if identity in self.data else None
diff --git a/demo/main.py b/demo/main.py
new file mode 100644
index 0000000..eb7ba96
--- /dev/null
+++ b/demo/main.py
@@ -0,0 +1,46 @@
+import asyncio
+
+from aiohttp import web
+from aiohttp_session import setup as setup_session
+from aiohttp_session.redis_storage import RedisStorage
+from aiohttp_security import setup as setup_security
+from aiohttp_security import SessionIdentityPolicy
+from aiopg.sa import create_engine
+from aioredis import create_pool
+
+
+from demo.db_auth import DBAuthorizationPolicy
+
+
+@asyncio.coroutine
+def init(loop):
+    redis_pool = yield from create_pool(('localhost', 6379))
+    dbengine = yield from create_engine(user='aiohttp_security',
+                                        password='aiohttp_security',
+                                        database='aiohttp_security',
+                                        host='127.0.0.1')
+    app = web.Application(loop=loop)
+    setup_session(app, RedisStorage(redis_pool))
+    setup_security(app,
+                   SessionIdentityPolicy(),
+                   DBAuthorizationPolicy(dbengine))
+
+    app.add_route()
+
+    handler = app.make_handler()
+    srv = yield from loop.create_server(handler, '127.0.0.1', 8080)
+    print("Server started at http://127.0.0.1:8080")
+    return srv, handler
+
+
+@asyncio.coroutine
+def finalize(loop, srv, handler):
+    pass
+
+
+loop = asyncio.get_event_loop()
+srv, handler = loop.run_until_complete(init(loop))
+try:
+    loop.run_forever()
+except KeyboardInterrupt:
+    loop.run_until_complete((finalize(loop)))