REMOTE_USER身份验证类型如何在apache超集中工作?

时间:2017-12-27 11:00:19

标签: python flask-appbuilder apache-superset

我一直在尝试使用我的Login Rest API而不是其他类型进行身份验证。怎么做到这一点? REMOTE_USER身份验证是否是正确的方法?如果是这样,我可以获得一个示例代码或文档吗?

阅读文档here但由于我不熟悉flask-appbuilder和python,因此无法理解。

1 个答案:

答案 0 :(得分:1)

只是接下来的到达这里的人。

遵循以下说明:https://superset.incubator.apache.org/installation.html#middleware

但不起作用:过多的重定向。

Flask App-Builder代码在这里: https://github.com/dpgaspar/Flask-AppBuilder/blob/167c13ec6dda6e7d8286e590233cd603a7d13928/flask_appbuilder/security/views.py#L728

最后进行了我自己的自定义远程登录(下面的草稿版本)。

# Apache superset REMOTE_USER authentication
# https://superset.incubator.apache.org/installation.html#middleware
from flask_appbuilder.security.manager import AUTH_REMOTE_USER

# Define AUTH_TYPE
# AUTH_TYPE = AUTH_REMOTE_USER

# Allow users to auto register and be assigned to Remote role
# AUTH_USER_REGISTRATION = True
# AUTH_USER_REGISTRATION_ROLE = "Remote"

# For testing without a proxy just calling http://localhost:9000/superset/welcome?logme=user1
from flask import request, g
from flask_login import login_user, logout_user
import logging


# Middleware to extract user from header HTTP_X_PROXY_REMOTE_USER
# and place it at REMOTE_USER
class RemoteUserLogin(object):

    def __init__(self, app):
        self.app = app

    def log_user(self, environ):
        from superset import security_manager as sm

        username = self.get_username(environ)
        logging.info("REMOTE_USER Checking logged user")
        if hasattr(g, "user") and \
            hasattr(g.user, "username"):
            if g.user.username == username:
                logging.info("REMOTE_USER user already logged")
                return g.user
            else:
                logout_user()

        user = sm.find_user(username=username)
        logging.info("REMOTE_USER Look up user: %s", user)
        if user:
            logging.info("REMOTE_USER Login_user: %s", user)
            login_user(user)
        return user

    def get_username(self, environ):
        user = environ.pop('HTTP_X_PROXY_REMOTE_USER', None)

        if not user and self.app.debug:
             # Dev hack 
            user = environ.get("werkzeug.request").args.get("logme")
            if user:
                logging.error("Logging user from request. Remove me ASAP!!!: %s", user)

        environ['REMOTE_USER'] = user
        return user

    def before_request(self):
        user = self.log_user(request.environ)
        if not user:
            raise Exception("Invalid login or user not found")


from superset.app import SupersetAppInitializer
def app_init(app):
    logging.info("Resgistering RemoteUserLogin")
    app.before_request(RemoteUserLogin(app).before_request)
    return SupersetAppInitializer(app)

APP_INITIALIZER = app_init
相关问题
最新问题