I added user authentication by passing an “auth_module” to the bokeh server. I also need the user name within my panel app, so I used
pn.state.cache["username"] = username
and then
pn.state.cache.get("username", "-")
But now users found that this sometimes results in other user names that are logged in. Is there a proper way to access that value, maybe through the tornado request handler?
If I could get tornado.web.RequestHandler somehow from within my panel app, I could access the cookie that keeps the user name.
Disclaimer: I do not personally use bokeh’s authentication module, b/c I typically embed it in a Flask app and use its login/authentication extensions.
With that caveat, a quick inspection/experimentation of the bokeh server authentication example here: server_auth shows that the cookies for the user are available via
curdoc().session_context.request.cookies
My initial recommendation would be to access these in panel for the current session associated with that document via
Panel 0.10 which is expected to ship within the next month contains oauth integration and I believe easy to use integrations with cloud providers, github, social etc. You will be able to find information on Github in a PR.
Thanks, this helped!
I managed to get the user via
from tornado.web import decode_signed_value
secure_cookie = pn.state.curdoc.session_context.request.cookies["user"]
user = decode_signed_value(cookie_secret, "user", secure_cookie).decode("utf-8")
I had to manually pass in the cookie secret though from when I create the server. Any ideas how I could directly access that in the bokeh server settings?
So the user entry is decoded as plain text at that level. If this is not the case when wrapped in panel, my initial thought would be to pull it out in bokeh and add it as a property of the document for the user’s session.
If you have an app_hooks.py function as part of your bokeh server implementation, you could add it as part of the on_session_created() method. See the Lifecycle Hooks section of the bokeh server documentation here https://docs.bokeh.org/en/latest/docs/user_guide/server.html.