Support custom cookie path. Improve oauth docs #7911
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7911 +/- ##
=======================================
Coverage 87.10% 87.10%
=======================================
Files 346 346
Lines 53133 53146 +13
=======================================
+ Hits 46283 46295 +12
- Misses 6850 6851 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Thanks, happy with this, though I'd probably pull the Azure part out into it's own page now that it is quite detailed and do the same for the other providers eventually.
…panel into enhancement/cookie-path
There was a problem hiding this comment.
Pull Request Overview
This PR introduces support for custom cookie paths for OAuth authentication and updates relevant documentation to guide users on the new configuration.
- Adds a new cookie_path parameter to key functions in the server, configuration, and authentication modules.
- Updates the CLI and docs to reflect the new cookie_path option for finer control over cookie scoping.
Reviewed Changes
Copilot reviewed 17 out of 17 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| panel/io/server.py | Adds cookie_path to get_server and integrates it into the server options. |
| panel/config.py | Introduces the _cookie_path parameter and a cookie_path property using PANEL_COOKIE_PATH. |
| panel/command/serve.py | Adds the --cookie-path CLI argument and enforces mutual exclusivity between CLI and env settings. |
| panel/auth.py | Propagates cookie_path to secure cookie calls. |
| doc/tutorials/intermediate/serve.md | Documents the use of --cookie-path in CLI usage. |
| doc/how_to/server/commandline.md | Updates command line documentation to include cookie path settings. |
| doc/how_to/authentication/trouble_shooting.md | Adds troubleshooting and usage guidance for OAuth along with cookie path examples. |
| doc/how_to/authentication/providers/* | Updates OAuth providers documentation reflecting changes in cookie management. |
| doc/how_to/authentication/configuration.md | Introduces a section on configuring cookie_path in both CLI and Python. |
| doc/api/config.md | Updates the API documentation to include details about the new cookie_path configuration. |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull Request Overview
This PR introduces support for a custom cookie path and improves OAuth-related documentation. Key changes include adding a new "cookie_path" parameter in server configuration, updating the configuration and CLI for cookie path management, and revising documentation to reflect these enhancements.
Reviewed Changes
Copilot reviewed 17 out of 17 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| panel/io/server.py | Added a "cookie_path" parameter and propagated it to the server opts. |
| panel/config.py | Introduced internal configuration for cookie path support. |
| panel/command/serve.py | Added a CLI argument for cookie path with conflict detection. |
| panel/auth.py | Updated cookie-setting calls to include the custom cookie path. |
| Documentation files (serve.md, commandline.md, etc.) | Updated usage and configuration instructions to include cookie path. |
Comments suppressed due to low confidence (1)
panel/auth.py:352
- [nitpick] Several calls to set_secure_cookie now specify cookie_path explicitly. Consider abstracting the common cookie options into a helper function to reduce duplication and ensure consistency.
handler.set_secure_cookie(CODE_COOKIE_NAME, code, expires_days=config.oauth_expiry, httponly=True, path=config.cookie_path)
|
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Closing #7910 and adding oauth documentation that would have made my life much easier.
Todo
cookie_secretis implementedPOC
When setting
PANEL_COOKIE_PATH=apps/debug-panel-oauthand opening/apps/debug-panel-oauth/scriptat my domain I seeWhen I open
/at my domain I seeWhich would solve my problem and let individually deployed Panel apps at my shared domain control oauth individually.