Enabling authentication


#1

Hi, is there any documentation or sample code explaining how to enable authentication in Dash?


#2

very interested to find out more about authentication in Dash as well


#3

same here, would love to learn more about authentication, either directly in Dash or using the underlying Flask layer


#4

yep i agree… ive been sourcing through the forums for more information…


#5

This is something I am also interested in. There’s an interesting post here talking about embedding a dash app as an iframe in another app (e.g. Django/Rails) which could handle the authentication.


#6

I have published a preliminary version of a dash-auth package.


#7

Hi Chris,
I’ve installed the dash-auth package and tested the Basic HTTP authentication protocol.
Since I’m using Python3 for my Dash app, I had to modify a few lines in your package to solve compatibility issues, but it is now working perfectly. Thanks a lot!
Just out of curiosity, are you planning to release a Python3 compatible version soon?
Again, thanks very much for the package, much appreciated.


Dash-Plotly App Authentication - Login Details Saved As Cookies/Heroku Hosted 'Type' Object error
#8

Thanks @tlemaire! Yes, we’re adding Python 3 support in this PR: https://github.com/plotly/dash-auth/pull/1


#10

This works for me for the first time; after that one time, it does not ask for username password anymore. it looks like the password is saved in the session or cookie?

I tried to test this with following ways,

  1. restarted the python code [server] - It still did not ask for authentication
  2. refreshed the browser -It still did not ask for authentication
    how exactly does this authentication work?

I am developing an app using Dash to generate some graph for my team. Because of data sensitivity; our requirement mandates the authentication each time. how can fix this?


#11

The basic-auth uses the standard WWW-Authenticate header for authentication. See http://qnimate.com/understanding-http-authentication-in-depth/ for a description on this. In particular:

WWW-Authenticate -> This header is assigned to a realm. It is compulsory that this header will contain a realm directive. realm is displayed in the dialog box. Servers use realm to group different parts of the server(assigns same realm, username and password other resources on the same and deeper level). Browser saves credentials for all realm’s. Whenever browser receives a WWW-Authenticate response with a realm already saved, it will automatically send the credentials without the knowledge of user

Here’s the source code where this header is set: https://github.com/plotly/dash-auth/blob/6550439d67474c3317ad213ca688d5a5f8ace257/dash_auth/basic_auth.py#L27. The python portion of this library is pretty short, just 37 lines, I recommend reading through it!


#12

Hi Chris, by your preliminary version of Basic Auth, I was able to enable authentication locally, thank you very much.

But when I deployed my app to digital ocean, the login window wouldn´t go away even after correctly fill the form. Is there something I should change to make it works properly while deployed?