Skip to content
This repository has been archived by the owner on Oct 26, 2019. It is now read-only.

Authentication

Jump to bottom
Daniel Rodriguez edited this page Oct 17, 2016 · 4 revisions

The dashboards server uses the Passport middleware to authenticate users. You can write your own auth module and configure the server to use it. See the sections below for guidance.

Note: These instructions assume you are working out of a git clone of the jupyter-incubator/dashboards_server repository for the time being. They'll change if and when we make a npm release of the server package.

Example: Local Shared Auth

The dashboard server ships with an auth-local.js module that configures shared-username/password authentication. To use it, set the USERNAME and PASSWORD environment variables when launching the server. Once configured, the server will greet users with a login form.

USERNAME=demo PASSWORD="s3cr3t!!" node ./bin/www

Note: You can use the make dev target in the local dev environment instead of running node directly if you wish.

Example: Twitter OAuth

You can use any Passport strategy to authenticate users. Here's how to implement authentication using the passport-twitter strategy as an example.

First, install the npm package:

npm install passport-twitter --save

Next, have a look at the dashboards_server/app/auth-twitter.js file included in the source tree. If you want to use a different OAuth provider, write your own module mimicking what auth-twitter.js does.

Now, create an application in the Twitter Developer's portal. Set the callback URL for your application to wherever you plan to run your server (http://localhost:3000/login/twitter/callback if you're running in the local dev environment).

Export these values to your local shell environment:

export TWITTER_CONSUMER_KEY='your twitter app key'
export TWITTER_CONSUMER_SECRET='your twitter app secret'
export TWITTER_CALLBACK_URL='http://localhost:3000/login/twitter/callback'

Finally, start the server with the auth-twitter strategy configured.

AUTH_STRATEGY='./app/auth-twitter' node ./bin/www

Example: Box OAuth

The flow for configuring another OAuth provider will be very similar to the Twitter example above. Here's a quick summary for the Box provider.

Install the passport-box package:

npm install passport-box --save

Have a look at dashboards_server/app/auth-box.js. It is another example of a custom authentication scheme.

Create an app in the Box developer portal with the callback URL set appropriately.

Export the critical values to the server environment:

export BOX_CLIENT_ID='your box app client id'
export BOX_CLIENT_SECRET='your box app client secret'
export BOX_CALLBACK_URL='https://127.0.0.1:3000/login/box/callback'

Start the server with the auth-box module:

AUTH_STRATEGY='./app/auth-box' node ./bin/www

Note: Box requires an HTTPS callback so you'll need to use at least a self-signed certificate.

Example: Auth0 OAuth

Requirements:

npm install passport-auth0

To use Auth0 as an auth provider you need a couple of environment variables from a created Auth0 client:

  1. AUTH0_DOMAIN: Domain of the Auth0 account. e.g. jupyter.auth0.com
  2. AUTH0_CLIENT_ID: From the Auth0 client
  3. AUTH0_CLIENT_SECRET: From the Auth0 client
  4. AUTH0_CALLBACK_URL: http://DASHBOARD_SERVER_HOST:3000/callback, This value should be in the Allowed Callback URLs on the Auth0 client. e.g. http://localhost:3000/callback for local testing.

Start the server with the auth-auth0 module:

AUTH_STRATEGY='./app/auth-auth0' node ./bin/www
Clone this wiki locally