adding decorator and demo code

demo/session_auth/auth_policy.py

@@ -0,0 +1,11 @@
+import asyncio
+
+from aiohttp_security.abc import AbstractAuthorizationPolicy
+
+
+class StubAuthorizationPolicy(AbstractAuthorizationPolicy):
+    @asyncio.coroutine
+    def permits(self, identity, permission, context=None):
+        if identity == permission:
+            return True
+        return False

demo/session_auth/handlers.py

@@ -0,0 +1,34 @@
+from aiohttp import web
+from aiohttp_jinja2 import render_template
+
+from aiohttp_security import authorize, get_user_identity, remember, forget
+
+
+@authorize(required=True, redirect_url='/login', permission='Steve')
+async def index(request, identity=None):
+    context = {'name': identity}
+    response = render_template('index.html', request, context)
+    return response
+
+
+async def login(request):
+    identity = await get_user_identity(request)
+    if identity:
+        return web.HTTPFound('/')
+    response = render_template('login.html', request, {})
+    return response
+
+
+async def login_post(request):
+    post_data = await request.post()
+    user_id = post_data['username']
+    password = post_data['password']
+    response = web.Response(body=b'OK')
+    await remember(request, response, user_id)
+    return response
+
+
+async def logout(request):
+    response = web.Response(body=b'OK')
+    await forget(request, response)
+    return response

demo/session_auth/main.py

@@ -0,0 +1,27 @@
+import asyncio
+import os
+
+import jinja2
+from aiohttp import web
+from aiohttp_jinja2 import setup as setup_jinja
+from aiohttp_session import setup as setup_session
+from aiohttp_session.redis_storage import RedisStorage
+from aioredis import create_pool
+
+from aiohttp_security import setup as setup_security, SessionIdentityPolicy
+from .auth_policy import StubAuthorizationPolicy
+from .handlers import index, login, login_post, logout
+
+loop = asyncio.get_event_loop()
+redis_pool = loop.run_until_complete(create_pool(('localhost', 6379)))
+app = web.Application(loop=loop)
+setup_session(app, RedisStorage(redis_pool))
+setup_security(app,
+               SessionIdentityPolicy(),
+               StubAuthorizationPolicy())
+setup_jinja(app, loader=jinja2.FileSystemLoader(os.path.join(os.path.dirname(__file__), 'templates')))
+app.router.add_route('GET', '/', index)
+app.router.add_route('GET', '/login', login)
+app.router.add_route('POST', '/login', login_post)
+app.router.add_route('GET', '/logout', logout)
+web.run_app(app)

demo/session_auth/templates/base.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>aiohttp_security demo</title>
+</head>
+<body>
+{% block content %}{% endblock %}
+{% block script %}{% endblock %}
+</body>
+</html>

demo/session_auth/templates/index.html

@@ -0,0 +1,6 @@
+{% extends 'base.html' %}
+{% block content %}
+<div>
+    <h1>Hello {{name}}!</h1>
+</div>
+{% endblock %}

demo/session_auth/templates/login.html

@@ -0,0 +1,15 @@
+{% extends 'base.html' %}
+{% block content %}
+<div>
+    <h3>Login</h3>
+    <form class="m-t" role="form" action="/login" method="post">
+        <div class="form-group">
+            <input name="username" type="text" class="form-control" placeholder="ID" required="">
+        </div>
+        <div class="form-group">
+            <input name="password" type="password" class="form-control" placeholder="Password" required="">
+        </div>
+        <button type="submit">Login</button>
+    </form>
+</div>
+{% endblock %}