dosubot[bot] commented on issue #29505:
URL: https://github.com/apache/superset/issues/29505#issuecomment-2275200916
<!-- Answer -->
To combine the existing username and password authentication flow with your
custom login setup in Apache Superset, you can modify the
`CustomSecurityManager` to support both `AUTH_DB` and `AUTH_REMOTE_USER`
authentication types simultaneously. Here’s how you can achieve this:
1. **Extend the `CustomSecurityManager`**:
Create a custom security manager that handles both authentication methods.
```python
from flask_appbuilder.security.manager import AUTH_DB, AUTH_REMOTE_USER,
BaseSecurityManager
class CustomSecurityManager(BaseSecurityManager):
def auth_user_db(self, username, password):
# Implement database authentication logic here
user = self.find_user(username=username)
if user and self._is_password_correct(user, password):
return user
return None
def auth_user_remote_user(self):
# Implement remote user authentication logic here
remote_user = self.appbuilder.sm.get_remote_user()
if remote_user:
user = self.find_user(username=remote_user)
if user:
return user
return None
def authenticate(self, username=None, password=None):
# Try database authentication first
user = self.auth_user_db(username, password)
if user:
return user
# If database authentication fails, try remote user authentication
user = self.auth_user_remote_user()
if user:
return user
return None
# In your configuration file, set the custom security manager
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
```
2. **Configure the Authentication Types**:
Ensure that your `superset_config.py` includes the necessary
configurations for both authentication methods.
```python
from your_custom_middleware_module import RemoteUserMiddleware
ADDITIONAL_MIDDLEWARE = [RemoteUserMiddleware]
AUTH_TYPE = AUTH_DB # Set the primary authentication type to database
```
3. **Add Custom Middleware**:
Ensure your custom middleware is correctly set up to handle remote user
authentication.
```python
class RemoteUserMiddleware(object):
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
user = environ.get('HTTP_USER')
if user:
environ['REMOTE_USER'] = user
return self.app(environ, start_response)
```
By following these steps, you can integrate both the existing username and
password authentication flow and your custom login setup in Apache Superset
<sup>[[1]](https://github.com/apache/superset/blob/master/superset/config.py)</sup>.
<!-- Dosu Comment Footer -->
*To continue talking to [Dosu](https://dosu.dev), mention @dosu.*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
