Enabling authentication

Hi, is there any documentation or sample code explaining how to enable authentication in Dash?

4 Likes

very interested to find out more about authentication in Dash as well

2 Likes

same here, would love to learn more about authentication, either directly in Dash or using the underlying Flask layer

yep i agree… ive been sourcing through the forums for more information…

This is something I am also interested in. There’s an interesting post here talking about embedding a dash app as an iframe in another app (e.g. Django/Rails) which could handle the authentication.

I have published a preliminary version of a dash-auth package.

Hi Chris,
I’ve installed the dash-auth package and tested the Basic HTTP authentication protocol.
Since I’m using Python3 for my Dash app, I had to modify a few lines in your package to solve compatibility issues, but it is now working perfectly. Thanks a lot!
Just out of curiosity, are you planning to release a Python3 compatible version soon?
Again, thanks very much for the package, much appreciated.

Thanks @tlemaire! Yes, we’re adding Python 3 support in this PR: Circle and Python 3 by chriddyp · Pull Request #1 · plotly/dash-auth · GitHub

This works for me for the first time; after that one time, it does not ask for username password anymore. it looks like the password is saved in the session or cookie?

I tried to test this with following ways,

  1. restarted the python code [server] - It still did not ask for authentication
  2. refreshed the browser -It still did not ask for authentication
    how exactly does this authentication work?

I am developing an app using Dash to generate some graph for my team. Because of data sensitivity; our requirement mandates the authentication each time. how can fix this?

The basic-auth uses the standard WWW-Authenticate header for authentication. See http://qnimate.com/understanding-http-authentication-in-depth/ for a description on this. In particular:

WWW-Authenticate → This header is assigned to a realm. It is compulsory that this header will contain a realm directive. realm is displayed in the dialog box. Servers use realm to group different parts of the server(assigns same realm, username and password other resources on the same and deeper level). Browser saves credentials for all realm’s. Whenever browser receives a WWW-Authenticate response with a realm already saved, it will automatically send the credentials without the knowledge of user

Here’s the source code where this header is set: dash-auth/dash_auth/basic_auth.py at 6550439d67474c3317ad213ca688d5a5f8ace257 · plotly/dash-auth · GitHub. The python portion of this library is pretty short, just 37 lines, I recommend reading through it!

1 Like

Hi Chris, by your preliminary version of Basic Auth, I was able to enable authentication locally, thank you very much.

But when I deployed my app to digital ocean, the login window wouldn´t go away even after correctly fill the form. Is there something I should change to make it works properly while deployed?

How to logout of dash. Dash Authentication asks for username and password only the first time. I want the application to logout when I close the window .It looks like the password is saved in the session or cookie

Hi shaina,

Are you using PlotlyAuth of dash-auth ?

If so there is a logout feature coming up Logout PR.

hi, do you find methods for this?

hi, so any methods can be used for this situation?

I have been experimenting with this - https://github.com/RafaelMiquelino/dash-flask-login

At a basic level you can essentially download it, and change the layout in “success.py” to be what you want users to see after logging in.

I’m in the process of converting it to dash_bootstrap_components so that it can easily be used with Bootswatch themes.

1 Like

started on dash today, found this thread while looking for ideas on authentication.

whats the consensus of opinion now people have had some time to investigate?

https://github.com/RafaelMiquelino/dash-flask-login only has 11 stars. ?

Hi aspiringguru,

As mentioned in my previous post, I have been experimenting with it and it certainly does the job.

I also mentioned that I was in the process of converting it to using Dash Bootstrap Components, which I’ve now done. I’ve actually extended the functionality quite a lot too, with an “admin” page for creating new users, and a “profile” page where users can update their own password. There is some nice CSS styles applied to text boxes too (if wrong pasword/username entered etc). Check it our here:

and live demo here (without admin page and password update function!):

http://chris369.pythonanywhere.com (username: test, password: test1)

1 Like

Hi @rbassanesi,

Did you find a solution to this issue?? I am having a similar issue, even locally actually (if that even makes any sense ?!) , but I am trying to do this on Google App. Engine.

The only change I’ve made to do this , in a single page app is by adding the following code snippet:

VALID_USERNAME_PASSWORD_PAIRS = {
‘hello’: ‘world’
}

app = dash.Dash(name,external_stylesheets=external_stylesheets) #,server=server)
auth = dash_auth.BasicAuth(
app,
VALID_USERNAME_PASSWORD_PAIRS

)

Please help !! Im really stuck and would greatly appreciate !
maybe this is obvious , @chriddyp might see this very quickly…? :slight_smile:

Thanks in advance guys/girls,
Dave

1 Like

consider deploying an identity-aware proxy in front of your app, that would handle user authentication by integrating with your authentication provider (i.e. Google, Microsoft, Okta, Auth0) AND authorization (which users are allowed). there are open source, on-premise and cloud-managed solutions, depending on your deployment strategy.

check out this example https://github.com/gwrun/tutorials/tree/main/plotly-dash/docker-compose