refactor: define provider based on auth backends #4539
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
for more information, see https://pre-commit.ci
frascuchon
changed the title
dosubot
bot
added
size:L
frascuchon
force-pushed
the
refactor/define-provider-based-on-auth-backends
branch
from
3d428ae
to
6170fd0
Compare
|
The URL of the deployed environment for this PR is https://argilla-quickstart-pr-4539-ki24f765kq-no.a.run.app |
jfcalvo
requested changes
Jan 26, 2024
| Encryption algorithm for token data | ||
|
|
||
| token_expiration_in_minutes: | ||
| The session token expiration in minutes. Default=30000 |
There was a problem hiding this comment.
Suggested change
| The session token expiration in minutes. Default=30000 | |
| The session token expiration in minutes. Default=15 |
There was a problem hiding this comment.
This is an old comment. I will update it.
Comment on lines
33
to
36
| api_key: str = await self.scheme(request) | ||
|
|
||
| if not api_key: | ||
| return None |
There was a problem hiding this comment.
Suggested change
| api_key: str = await self.scheme(request) | |
| if not api_key: | |
| return None | |
| api_key: str = await self.scheme(request) | |
| if not api_key: | |
| return None |
Comment on lines
38
to
42
| db = request.state.db | ||
| user = await accounts.get_user_by_api_key(db, api_key=api_key) | ||
|
|
||
| if not user: | ||
| return None |
There was a problem hiding this comment.
Suggested change
| db = request.state.db | |
| user = await accounts.get_user_by_api_key(db, api_key=api_key) | |
| if not user: | |
| return None | |
| user = await accounts.get_user_by_api_key(request.state.db, api_key=api_key) | |
| if not user: | |
| return None |
| return None | ||
|
|
||
| return AuthCredentials(["authenticated"]), UserInfo( | ||
| username=user.username, name=user.full_name, role=user.role, identity=str(user.id) |
There was a problem hiding this comment.
Suggested change
| username=user.username, name=user.full_name, role=user.role, identity=str(user.id) | |
| identity=str(user.id), username=user.username, name=user.full_name, role=user.role |
Comment on lines
33
to
36
| credentials = await self.scheme(request) | ||
|
|
||
| if not credentials: | ||
| return None |
There was a problem hiding this comment.
Suggested change
| credentials = await self.scheme(request) | |
| if not credentials: | |
| return None | |
| credentials = await self.scheme(request) | |
| if not credentials: | |
| return None |
Comment on lines
47
to
49
| if v is not None: | ||
| return v | ||
| return values["token_expiration_in_minutes"] * 60 |
There was a problem hiding this comment.
Suggested change
| if v is not None: | |
| return v | |
| return values["token_expiration_in_minutes"] * 60 | |
| if v is not None: | |
| return v | |
| return values["token_expiration_in_minutes"] * 60 |
| secret_key: str = uuid4().hex | ||
| algorithm: str = "HS256" | ||
|
|
||
| token_expiration_in_minutes: int = 15 |
There was a problem hiding this comment.
This is a really small default expiration. Do we have any good reason to set such a small expiration time?
| algorithm: str = "HS256" | ||
|
|
||
| token_expiration_in_minutes: int = 15 | ||
| token_expiration: Optional[int] |
There was a problem hiding this comment.
I think it's a little bit confusing to have a token_expiration_in_minutes and at the same time token_expiration. I believe we should go for only token_expiration (using seconds) to avoid unnecessary complex scenarios (for example specifying values to the two settings at the same time).
frascuchon
force-pushed
the
refactor/define-provider-based-on-auth-backends
branch
from
ea37b2a
to
ee4953c
Compare
frascuchon
force-pushed
the
refactor/define-provider-based-on-auth-backends
branch
from
3930b23
to
816ef60
Compare
for more information, see https://pre-commit.ci
dosubot
bot
added
size:XL
jfcalvo
approved these changes
Jan 29, 2024
…hub.com:argilla-io/argilla into refactor/define-provider-based-on-auth-backends
frascuchon
deleted the
refactor/define-provider-based-on-auth-backends
branch
9 tasks
davidberenstein1957
added a commit
that referenced
this pull request
Mar 11, 2024
…4639) # Description I'm proposing to add a mention to the var `ARGILLA_AUTH_SECRET_KEY` introduced in #4539 to the `docker-compose`-related documentation in docs/_source/getting_started/installation/deployments/docker_compose.md As far as I am aware, that env var needs to be set in order to run the service in docker-compose. It's a small edit, I didn't create (yet) an issue for this. - [x] Documentation update **How Has This Been Tested** - [ ] `sphinx-autobuild` I didn't run sphinx! I had troubles w/ cloning, will update this as soon as I can **Checklist** - [x] I added relevant documentation - [ ] I followed the style guidelines of this project - [ ] I did a self-review of my code - [ ] I made corresponding changes to the documentation - [ ] My changes generate no new warnings - [ ] I filled out [the contributor form](https://tally.so/r/n9XrxK) (see text above) - [ ] I have added relevant notes to the `CHANGELOG.md` file (See https://keepachangelog.com/) --------- Co-authored-by: David Berenstein <david.m.berenstein@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR is a refactor of the authentication provider. A new authentication provider is created based on the Starlette Authentication Backends. This change simplifies the auth. workflow and prepare incoming oauth integration.
Since the authentication backends should be used by the auth middleware component, the implementation done in this PR does not use it in that way since there are some problems exposing the db session at the middleware level (using global dependencies does not work).
Type of change
(Please delete options that are not relevant. Remember to title the PR according to the type of change)
How Has This Been Tested
(Please describe the tests that you ran to verify your changes. And ideally, reference
tests)Running locally
Checklist
CHANGELOG.mdfile (See https://keepachangelog.com/)