Custom authentication provider

Hey all!

I’m in need of defining a custom authentication provider for a panel application.

The auth backend in question does not support OAuth (unfortunately), so I’ve been referencing the built-in basic auth provider to understand how to do this.

I’m a bit confused about how to achieve this. I’ve tried the following:

  1. A subclass of tornado.web.RequestHandler, which is configured with panel.config.auth = [my class]

  2. A subclass of bokeh.server.auth_provider.AuthProvider configured the same way.

  3. A subclass of tornado.web.RequestHandler, configured with an entry point statement in my pyproject.toml file, and passing auth_provider = “my auth provider” to panel.serve()

  4. A subclass of bokeh.server.auth_provider.AuthProvider, configured the same way.

Is there a working example somewhere of a provider which takes a username and password, and uses a custom validation method for checking that the password is valid?

Thank you!

1 Like

I have seen none. It would be amazing to have a how-to guide on this.

I would do the same as it looks like you have done. Look at how the Panel Basic and OAuth authentication is defined for inspiration.

Managed to figure it out! And my client agreed to me posting a sanitized version on the web for others to learn from. I’ll follow up here soon with a link to the code.

Here’s a gist with my solution: https://gist.github.com/Hanse00/9091a1deac10d3162b0e33e74cc3c1fe

And a brief writeup on my blog: https://philip.mallegolhansen.com/blog/panel-custom-auth/

Hope any of this is helpful for the next person looking to follow in my footsteps. Good luck!

2 Likes