holoviz panel custom auth sessions crosstalk

123 Views Asked by tbmale At 21 October 2024 at 01:39

I'm trying (and succeeding -sort of)to implement an auth method without using OAuth. The code is here:

class ldap_auth(param.Parameterized):
  ldap_user=param.String(label="username",)
  ldap_pass=param.String(label="password")
  ldap_action=param.Action(lambda x: x.param.trigger('ldap_action'),label="Login")
  view=param.Parameter
  username=pn.widgets.TextInput(name="Username")
  username.visible=False
  session_id=pn.widgets.TextInput(name="session id")
  session_id.visible=False
  session_id.jscallback(args={'session_id':session_id},value="console.log('session id:'+session_id.value);window.location=window.location.origin+window.location.pathname+'?bokeh-session-id='+session_id.value")

  def __init__(self):
    super().__init__()
    self.view=pn.Column(self.param.ldap_user,self.param.ldap_pass,self.param.ldap_action,self.session_id,self.username)
    # self.infos.visible=False

  @param.depends("ldap_action",watch=True)
  def login_user(self):
    log.info("start login")
    for s in pn.state.curdoc.session_context.server_context.sessions:
      if s.id==pn.state.curdoc.session_context.id:
        if self.ldap_auth(self.ldap_user,self.ldap_pass):
          pn.state.cache['users'][s.id]={}
          pn.state.cache['users'][s.id]['username']=self.ldap_user
          # callback=CustomJS(code="location='%s?bokeh-session-id=%s'"%(pn.state.location.href,s.id))
          self.username=pn.state.cache['users'][s.id]['username']
          self.session_id.value=s.id
          self.view.visible=False
          url="%s?bokeh-session-id=%s"%(pn.state.location.href,s.id)
          
  def ldap_auth(self,ldap_user,ldap_pass) -> bool:
    log.info("user %s logged in with %s"%(ldap_user,ldap_pass))
    return True

It works, as in I have session persistence on browser refresh, but ... so does all other browsers, even on other machines !

the app is started with pn.io.server.Server({"/":app},... and app is declared like this:

def app(doc):
  l=ldap_auth()
  doc.on_session_destroyed(on_session_gone)
  pn.state.onload(on_load)
  ui=pn.Column(l.view,window, sigma, interactive)
  ui.server_doc(doc)

Questions:

1)Is it possible to have a true multi-user app with panel ?

2)If yes, is it possible to have it without OAuth - à la my implementation ?

Original Q&A

holoviz panel custom auth sessions crosstalk

There are 0 best solutions below

Related Questions in PYTHON

Related Questions in SESSION

Related Questions in WEB-APPLICATIONS

Related Questions in MULTI-USER

Related Questions in HOLOVIZ-PANEL

Trending Questions

Popular # Hahtags

Popular Questions