Comments (2)
Hmm, the reasons I wanted to use the same ORM setup are:
- To prevent having to keep multiple databases in sync (especially around user cascading deletes, and recreating users with the same name)
- To prevent admins from having to set up different databases - re-using has similar api stability problems because we don't support prefixes on the JupyterHub side (afaik). This is not as big a deal though.
I used a separate db for FirstUseAuthenticator, and ran into a score of issues related to (1) - especially around propagating user deletions. I also see what @minrk is suggesting about medium-longer term API compatibility.
@minrk do we have some way to propagate user deletes across? I think with that we should be ok.
@leportella for the endpoint, I think we need to call it something like /nativeauth/admin or some such - or more specifically, multiple ones (/nativeauth/authorize-accounts, /nativeauth/reset-password, etc).
from nativeauthenticator.
It's not an urgent issue (it will only come up on possible hub upgrades), so I wouldn't worry about it too much to start. But it is raising my "private api" flag. Using e.g. the db_url
config to talk to the same database does seem like a sensible solution to avoid maintaining multiple databases, but I am reticent to recommend 'relations' on the existing tables and especially the ORM API, since I want to, among other things, reserve the right to move away from sqlalchemy when we are looking at high-availability hubs.
I think the only answer we currently have for authenticators storing state related to users is the auth_state
field. This is covered by the deletion, etc., but I think there isn't a good answer to retrieving this data during the authenticate
process.
As for deletion cascades, I would think the existing Authenticator.delete_user
hook would suffice. What cases are there where this doesn't work?
Maybe we can take this opportunity to enumerate some of the things that Authenticators with external state may need, and codify them at the Python level. That's how we got auth_state
, and it sounds like there's more that we can add. I'd love to get to a point where Authenticators and Spawners don't even have direct access to the database connection.
from nativeauthenticator.
Related Issues (20)
- docs: fix c.JupyterHub.template_paths
- Confirmation email still sent for allow-listed users
- Enforce no slashes in usernames HOT 1
- Users created from the admin panel control hub are unusable due to lack of password when using NativeAuthenticator HOT 3
- Prepare for deprecation of Authenticator.db HOT 1
- Use user email as username HOT 1
- Release needed for JupyterHub 2 and 3 compatibility HOT 2
- import_from_firstuse not working: Previous users cannot log in or create an account. HOT 1
- Ability to set user environment path (bin folder) for users to use their own kernels HOT 1
- ci: our test system is failing
- '_xsrf' missing in login, signup and password changing pages HOT 1
- Planning for release 1.2.0 - JupyterHub 4 compatibility HOT 1
- Sign-Up email is not sent to admin for registration pending approval HOT 1
- locale.getdefaultlocale() is deprecated HOT 2
- Main branch tests are broken with jupyterhub 1.5.1 and sqlalchemy 1 HOT 1
- Unable to change password with TLJH JupyterHub 4.0.2 HOT 2
- Authorize Users link not showing for RBAC-authorized users HOT 1
- Test failure in main branch
- Automatically notify the user once his account is authorized HOT 1
- SSL: WRONG_VERSION_NUMBER HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nativeauthenticator.