Authentication in Tornado application

Hello, I am trying to implement some simple cookie based authentication in my Tornado application as per this guide:

However I cant seem to find where to set the tornado.web.settings object

settings = {
“cookie_secret”: “generate random secret here”,
“login_url”: “/login”,

In all the Tornado examples on the settings is passed to the tornado.web.Application class:

application = tornado.web.Application([
(r"/", MainHandler),
(r"/login", LoginHandler),
], **settings)

but in Mopidy we simply use a factory that returns a list of request handlers and there doesnt seem to be anywhere to pass the settings

I have a feeling I’m missing something fairly straightforward here. Any help would be appreciated

Many thanks


You can set the cookie_secret in your RequestHandler like this:


enabled = true

# Key used by Tornado web server to store cookies securely
cookie_secret = c1e95c2327dc5ab115554cc6f0e2307d2562f829a2ce1471c6ea7a876490f7ea

Web handler:

class IndexHandler(tornado.web.RequestHandler):
    def initialize(self, core, config):
        self.core = core
        self.config = config
        self.application.settings['cookie_secret'] = self.config['extension_name']['cookie_secret']