Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add PAM authenticator #6861

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Conversation

pgierz
Copy link

@pgierz pgierz commented May 22, 2024

Hi Panel Team,

I built a very simple PAM authenticator, and it seems to work provided you have given the correct environmental variables. Here is an example, assuming you have an app named app.py. For demonstration, I just use the md5 sum of the program code:

$ export PANEL_OAUTH_KEY=$(md5 -q app.py)
$ export PANEL_OAUTH_SECRET=$(panel secret)
$ export PANEL_OAUTH_PROVIDER=pam
$ export PANEL_OAUTH_ENCRYPTION=$(panel oauth-secret)
$ export PANEL_COOKIE_SECRET=$(panel oauth-secret)  # Twice, gives unique secret each call
$ panel serve app.py

Or in one line:

$ PANEL_OAUTH_KEY=$(md5 -q app.py) PANEL_OAUTH_SECRET=$(panel secret) PANEL_OAUTH_PROVIDER=pam PANEL_OAUTH_ENCRYPTION=$(panel oauth-secret) PANEL_COOKIE_SECRET=$(panel oauth-secret) panel serve app.py

Maybe someone else finds this useful.

Copy link
Member

@philippjfr philippjfr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, looks good, two main comments:

  1. We shouldn't add pamela as a core dependency, so the import should be inlined.
  2. We'll need some documentation on how to use it.

@pgierz
Copy link
Author

pgierz commented May 29, 2024

I moved the the Pamela import to be a optional dependency and changed the inclusion in the pyproject.toml file.

I haven't contributed to the documentation before, is there a best practices guideline for that?

@MarcSkovMadsen
Copy link
Collaborator

MarcSkovMadsen commented Jun 3, 2024

Regarding best practice for documentation. We are guided by the Diataxis framework for technical documentation https://diataxis.fr/. You might see something non-consistent in practice - either for historical reasons or because we don't yet understand well enough to write according to Diataxis.

What I would recommend doing is looking at the documentation for other OAuth Providers and then making a similar contribution. You are very welcome to make a quick draft and ask for some guidance.

@Coderambling
Copy link
Contributor

Coderambling commented Jun 3, 2024

Hi @pgierz . Cool feature! OAuth docs are here:

https://panel.holoviz.org/how_to/authentication/providers.html

A quick draft that describes the core functionality would be a great start!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants