secure terminado example ?

[asmodehn]

I am looking for a way to make terminado secure, and easy to run / integrate in other tornado backend projects... Currently, I believe this relies on tornado being properly setup, but this is not trivial and an example would likely help, given how exposing a terminal over the web can be unsafe.

The idea is :

• if the tornado server is started as root, the web page prompts for login, and terminal starts with that user logged in (same behavior as a local tty, leveraging web auth)
• if the tornado server is started as a user, the web page prompts for the password of that user, and terminal starts with that user logged in (same behavior as a local tty, leveraging web auth for a given username)

As an optional step, the terminal can hook into an already running tty (as per the server implementation), so that the remote user is able to drop into an already running embedded ipython repl for instance...

Did someone already try this ? Any hint/advice ?