vincbeck commented on code in PR #42019:
URL: https://github.com/apache/airflow/pull/42019#discussion_r1745894596
##########
airflow/api_ui/app.py:
##########
@@ -32,17 +38,35 @@ def init_dag_bag(app: FastAPI) -> None:
app.state.dag_bag = get_dag_bag()
-def create_app() -> FastAPI:
+def init_flask_app(app: FastAPI, testing: bool = False) -> None:
+ """
+ Auth providers and permission logic are tightly coupled to Flask.
Review Comment:
I have another proposal. Why do you want to have basic authentication for
this API? Should not it be session? This API will be used by the UI, hence a
session will be there. Basic authentication makes only sense to me for testing
purposes because it makes it easier to hit endpoint directly. Using the
[session auth](airflow/api/auth/backend/session.py) uses the auth manager
directly and simply calls `is_logged_in` method which would solve a lot of your
problems.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
