GitHub user user1500177 added a comment to the discussion: Superset 6: Bypass
Login page of superset No Longer Working (Worked in v5)
@dosu ,
Why i am not able to do this in version 6 , what changed WHY its not applicable
from within the usperset_config.py
I found another method which is ppossible from the superset config.py that is
by running an interceptor logic - Is it recommended to do so ?
@app.before_request
def auto_sso_redirect():
"""
Auto-redirect to OAuth provider when:
1. Path is /login or /login/
2. Referer is from a specific portal (customize this check as
needed)
3. Exactly one OAuth provider is configured
"""
try:
path = request.path or ""
# Only intercept bare /login requests (not
/login/<provider>)
if path in ("/login", "/login/"):
# Skip if already authenticated
if g.user and hasattr(g.user, 'is_authenticated') and
g.user.is_authenticated:
return None
referer = request.headers.get("Referer", "")
# Replace this with your own logic to check the referer
as a decider to check wheter we need to see the Supersets login page or not...,
if i am from a particular site only i need this to happen
is_from_portal = "your-domain-from which you are
arriving to superset" in referer
if is_from_portal:
providers = list(appbuilder.sm.oauth_remotes.keys())
if len(providers) == 1:
provider = providers[0]
# Preserve 'next' parameter if present
next_url = request.args.get("next", "")
redirect_url = f"/login/{provider}"
if next_url:
redirect_url += f"?next={quote(next_url,
safe='')}"
return redirect(redirect_url)
except Exception as e:
logging.warning(f"[auto_sso_redirect] Error: {e}",
exc_info=True)
return None
Is the above apprahc reccomended ?
OR is the below apprach better THAT used to work in superset version 5 AND
not in version 6 (Which is why i had to try alternatives) inspired by
https://github.com/dpgaspar/Flask-AppBuilder/issues/2225#issuecomment-2074682623
,
class CustomSsoAuthOAuthView(AuthOAuthView):
@expose("/login/")
@expose("/login/<provider>")
def login(self, provider: Optional[str] = None) -> WerkzeugResponse:
if provider is None:
providers = [k for k in
self.appbuilder.sm.oauth_remotes.keys()]
if len(providers) == 1:
provider = providers[0]
return super().login(provider)
After this i used to do
class CustomSsoSecurityManager(SupersetSecurityManager):
useroauthmodelview = MyUserOAuthModelView
But its not working in version 6 , COULD you provide the detailed
exaplanation for this
AND also if there are any alternative methods WHICH is scalable and
acheivable WITHIN the superset_config.py please OR my proposed method is GOOD
enough?- with the (@app.before_request)
GitHub link:
https://github.com/apache/superset/discussions/37057#discussioncomment-15516449
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
