I'm trying (and succeeding -sort of)to implement an auth method without using OAuth. The code is here:
class ldap_auth(param.Parameterized):
ldap_user=param.String(label="username",)
ldap_pass=param.String(label="password")
ldap_action=param.Action(lambda x: x.param.trigger('ldap_action'),label="Login")
view=param.Parameter
username=pn.widgets.TextInput(name="Username")
username.visible=False
session_id=pn.widgets.TextInput(name="session id")
session_id.visible=False
session_id.jscallback(args={'session_id':session_id},value="console.log('session id:'+session_id.value);window.location=window.location.origin+window.location.pathname+'?bokeh-session-id='+session_id.value")
def __init__(self):
super().__init__()
self.view=pn.Column(self.param.ldap_user,self.param.ldap_pass,self.param.ldap_action,self.session_id,self.username)
# self.infos.visible=False
@param.depends("ldap_action",watch=True)
def login_user(self):
log.info("start login")
for s in pn.state.curdoc.session_context.server_context.sessions:
if s.id==pn.state.curdoc.session_context.id:
if self.ldap_auth(self.ldap_user,self.ldap_pass):
pn.state.cache['users'][s.id]={}
pn.state.cache['users'][s.id]['username']=self.ldap_user
# callback=CustomJS(code="location='%s?bokeh-session-id=%s'"%(pn.state.location.href,s.id))
self.username=pn.state.cache['users'][s.id]['username']
self.session_id.value=s.id
self.view.visible=False
url="%s?bokeh-session-id=%s"%(pn.state.location.href,s.id)
def ldap_auth(self,ldap_user,ldap_pass) -> bool:
log.info("user %s logged in with %s"%(ldap_user,ldap_pass))
return True
It works, as in I have session persistence on browser refresh, but ... so does all other browsers, even on other machines !
the app is started with pn.io.server.Server({"/":app},...
and app is declared like this:
def app(doc):
l=ldap_auth()
doc.on_session_destroyed(on_session_gone)
pn.state.onload(on_load)
ui=pn.Column(l.view,window, sigma, interactive)
ui.server_doc(doc)
Questions:
1)Is it possible to have a true multi-user app with panel ?
2)If yes, is it possible to have it without OAuth - à la my implementation ?