How to use a test tornado server handler that authenticates a user via a secure cookie

Using mock:

import mock

...

class UserAPITest(AsyncHTTPTestCase):
    def get_app(self):
        self.app = Application([('/', MainHandler)],
                    cookie_secret='asdfasdf')
        return self.app

    def test_user_profile_annoymous(self):
        with mock.patch.object(MainHandler, 'get_secure_cookie') as m:
            m.return_value = 'user_email'
            response = self.fetch('/', method='GET')
        self.assertEqual('sucess', to_unicode(response.body) )

It seems you may try to use a create_signed_value function from tornado.web module:

from tornado.web import create_signed_value

class UserAPITest(AsyncHTTPTestCase):

    def get_app(self):
         self.app = Application([('/', MainHandler)],
                                cookie_secret='asdfasdf')
         return self.app

    def test_user_profile_annoymous(self):
        cookie_name, cookie_value = 'Cookie', 'value'
        secure_cookie = create_signed_value(
            self.app.settings["cookie_secret"],
            cookie_name,
            cookie_value)
        headers = {'Cookie': '='.join((cookie_name, secure_cookie))}

        response = self.fetch('/', method='GET', headers=headers)
        self.assertEqual('success', response.body)