def do_login(self): user_name = self.get_argument("user") password = self.get_argument("password") user = User.authenticate_user(user_name, password) # either false or user object if user: # login worked session = Session(user_model_id=user.model_id) session.save() session.set_cookie(self) self.redirect('/')