jhtimmins commented on issue #8111: URL: https://github.com/apache/airflow/issues/8111#issuecomment-656478980
@mik-laj I'm working on a scratchpad git repo in my personal account. https://github.com/jhtimmins/scratch-airflow-auth Thus far, my focus has been the interface from the airflow user standpoint. This design allows configuration at either the app level or the individual route. If configured at the app level, individual routes can be marked as as requiring user auth with either `@auth.login_required` or `@auth.login_required()` decorators. - "App level" means they define an auth scheme in settings.py or environment variables. (edited) - "Path level" lets them set an auth scheme for a specific path by passing the auth validation method path to the decorator. `@auth.login_required("auth.schemes.token_auth")` Order of precendence: `Path level > env vars > settings.py` I'm pleased with this interface for now, but I'd like to avoid the need for decorators at all. So I will circle back later on to see about setting up auth as middleware (similar to Django's design). But my next step is nailing down how auth integrates with the existing user permission structure, so middleware will have to wait for now. Do you have any thoughts or concerns? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
