Add DummyProvider for quick password based auth #4684
Conversation
Codecov Report
@@ Coverage Diff @@
## main #4684 +/- ##
===========================================
- Coverage 83.16% 70.49% -12.68%
===========================================
Files 266 267 +1
Lines 37453 37531 +78
===========================================
- Hits 31148 26456 -4692
- Misses 6305 11075 +4770
Flags with carried forward coverage won't be shown. Click here to find out more.
... and 70 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
|
Love this, thanks @MridulS! Some docs would indeed be nice, on the naming side I think we can name this something like
Adding tests would also be nice, think the best way is probably just a UI/integration test (using playwright) that starts a server and then goes through the login flow. |
|
BasicAuth could be an alternative to SimpleAuth. In user forums people use the term "basic" rather than "simple" when searching for this type of auth. |
|
Renamed to |
|
Thanks @MridulS! |
|
Wohoo! Thanks @philippjfr |
|
This is cool. Thanks! Why does it not show up in the dev docs yet? |
|
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
This hopefully gives a solution of quick password based authentication. No need to setup a full fledged OAuth app.
This fixes #2575 and also addresses https://discourse.holoviz.org/t/tips-guide-on-creating-a-simple-username-password-auth-for-panel-app/2582/13.
The PR adds 2 config options:
--dummy-authand--dummy-login-template. With--dummy-authuser can set the password and with--dummy-login-templatethey can override the default user login page (which I stole from https://github.com/bokeh/bokeh/tree/branch-3.2/examples/server/app/server_auth).An example how to use this:
This should open up something like:
I also changed couple of things in auth.py let me know if I should make another PR instead:
The endpoints code doesn't seem like it is required? Ensure that URL query parameters are preserved during OAuth #3656 introduced it but it doesn't seem to fix the issue.
For pathlib,
is_file()is the equivalent toos.path.isfile, trying to inject templates was erroring out on my machine.TODO: