简单的用户名和bokeh服务器的密码保护 [英] Simple username & password protection of a bokeh server

问题描述

我有一个简单的bokeh服务器应用程序，我想在基于Linux的Azure节点上公开它.服务器在那里并且正在运行.

I have a simple bokeh server application and I want to expose it on a Linux-based Azure node. The server is there up and running.

我的问题是:如何通过用户名和密码保护内容?我不必对用户进行身份验证.

My question is: how to protect the content by username and password? I do not need necessarily authentication of users.

到目前为止我的想法(未尝试过，可能没有用)

My ideas so far (not tried, may not work)

1. 使用文本字段创建一个额外的bokeh服务器页面.
2. 在按钮的回调上，如果密码合适，则添加测试.如果是这样，则重定向到原始服务器页面.否则，请通知用户有关错误的凭据.

推荐答案

您可以尝试仅通过用户身份验证来禁止bokeh服务器生成会话ID，并由外部应用程序生成会话ID:
(基于这部分散景文档)

You can try to disable generation of session id's by bokeh server and generate them by external application only after user authentication:
(Based on this part of bokeh documentation)

1. 使用bokeh secret命令生成密钥:

1. Generate secret key with bokeh secret command:

$ bokeh secret
oIWDL7DVYCaBJG9eYQ2Wvf2f2uhOAIM8xNS8Kds3eizV

1. 将BOKEH_SECRET_KEY环境变量设置为生成的值；

1. Set BOKEH_SECRET_KEY environment variable to generated value;

$ export BOKEH_SECRET_KEY=oIWDL7DVYCaBJG9eYQ2Wvf2f2uhOAIM8xNS8Kds3eizV

1. 设置另一个环境变量:

$ export BOKEH_SIGN_SESSIONS=True

1. 使用--session-ids external-signed参数运行bokeh服务器:

1. Run bokeh server with --session-ids external-signed argument:

$ bokeh serve myApp --session-ids external-signed

在这种模式下，用户应提供有效的(签名的)会话ID来访问bokeh服务器.

In this mode user should provide valid (signed) session id to access bokeh server.

1. 运行简单的外部过程，要求用户输入登录名和密码，并为他们生成ID. 这是基于Flask文档中的片段的示例:

1. Run simple external process to ask users for login and password and generate id's for them. Here is the example based on snippet from Flask documentation:

    from functools import wraps
    from flask import request, Response, redirect, Flask
    from bokeh.util import session_id

    app = Flask(__name__)

    def check_auth(username, password):
        return username == 'valid_user' and password == 'valid_password'

    def authenticate():
        """Sends a 401 response that enables basic auth"""
        return Response(
        'Could not verify your access level for that URL.\n'
        'You have to login with proper credentials', 401,
        {'WWW-Authenticate': 'Basic realm="Login Required"'})

    def requires_auth(f):
        @wraps(f)
        def decorated(*args, **kwargs):
            auth = request.authorization
            if not auth or not check_auth(auth.username, auth.password):
                return authenticate()
            return f(*args, **kwargs)
        return decorated

    @app.route('/')
    @requires_auth
    def redirect_to_bokeh():
        s_id = session_id.generate_session_id()
        return redirect("http://<bokeh-server-addr>:<port>/?bokeh-session-id={}".format(s_id), code=302)

    if __name__ == "__main__":
        app.run()    

1. 现在要访问bokeh服务器，用户应转到Flask应用程序并指定登录名和密码.

这篇关于简单的用户名和bokeh服务器的密码保护的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！