I would like to hack authentication to use the AWS Cognito service instead of Dash-Auth.
Do you think this is possible? What’s a good starting point?
I read that other users managed to do it using the Flask authentication tools, should I subclass some class in their package?
I also read a user can circumvent the authentication by just typing the to a “login_required” site directly.
Any advice will be appreciated. I will post when I manage to have something useful.
I didn’t change anything on my code and was able to get an authentication page for it on Cognito.
There were only two issues.
On your app you must exclude/comment out Dash authentication. If the Dash login modal pops up it will conflict with Cognito.
This one is a lot of more difficult and I haven’t solved it yet. The public URL for my app is an Application Load Balancer DNS. I can’t find I way to redirect this to a custom domain so I can use an SSL certificate and bypass the horrible “Potential Risk ahead” message cause by a “bad” SSL certificate.
If anybody needs help setting up Cognito, I’m more than glad to help and if anybody has the answer for #2 please, please help me. lol. I’ve been trying it for the last week without success.
Hi @samdev! I would like to have more info about setting up cognito for a dash app. Could you please send me the steps you follow to achieve this without code?
@crocha I have achieved to authenticate users with AWS Cognito through the ALB without modifying a single line of code, as @samdev did. In fact the authentication portal is agnostic to the hosted app (be it a Dash app, Flask app or any other app).
Here is some resources on how to use AWS Cognito through the ALB :
Could you please provide some additional details? Does your dash app need to have a different url_base_pathname? How should the callback URLs in Cognito match with the ALB listener redirect URLs? I keep getting a 500 internal error
Does it make a difference that my website is a subdomain? i.e. “[website name].[company].com”
Also did you manage to extract user information into the dash application?
Update:
Managed to sort out the issue - you need to configure the security groups in your load balancer to make outbound communication using HTTPS. I’m struggling a bit with the logout system now