jamesholcombe / dash-auth-external Goto Github PK

I tried the example in the docs but when i visit localhost:8050/ i get the above error from the browser.

Am I missing any config?

Hey there, thanks for the library!
We are trying to use it, but we are facing an issue with the dimensions of the session cookie:

/py39/lib/python3.9/site-packages/werkzeug/sansio/response.py:230: UserWarning:

The 'session' cookie is too large: the value was 4606 bytes but the header required 26 extra bytes. The final size was 4632 bytes but the limit is 4093 bytes. Browsers may silently ignore cookies larger than this.

What we tried:

• auth.server.config["SESSION_TYPE"] = "filesystem"
• Using a smaller _secret_key parameter

Do you have any insight?
Thanks :D

Hi,
I noticed that the master branch differs from the pypi version, when using the pypi version there is a dict error that appears which is resolved in the GitHub branch. Could you update the pypi version as well?
Lastly, I keep getting a key error but as far as I can tell my token field name is correct. I am using O2Auth with openID connect.

token = auth.get_token()
File "auth.py", line 27, in get_token
raise KeyError(
KeyError: 'Header with name access_token not found in the flask request headers.'

Here is my method:

auth = DashAuthExternal(
                        external_auth_url= AUTH_URL,
                        external_token_url= TOKEN_URL,
                        client_id= CLIENT_ID,
                        with_pkce=True,
                        app_url= "http://127.0.0.1:8050",
                        redirect_suffix = "/redirect",
                        auth_suffix = "/",
                        home_suffix="/app",
                        client_secret= CLIENT_SECRET,
                        _secret_key= None,
                        auth_request_headers= None,
                        token_request_headers= None,
                        scope= ("openid profile"),
                        )

Could the error be caused by anything other than an incorrect token field name?

I also am getting this error if I try to go to /redirect after already authenticating, I am not sure if it is relevant or normal behavior after authentication.

File "/dash_auth_external/routes.py", line 76, in build_token_body
code = redirect_params["code"][0]
KeyError: 'code'

There are scenarios where it may be required to have client-secret as a form parameter in the "token_request" function

First congratulations for the project, Dash is really lacking authorization packages.

Does dash-auth-external work for Dash Multi-page app paradigm?

A lot of oauth2 servers/systems uses CLIENT_ID parameter to get the auth code. It would be good to provide this way of authentication

HI I am trying use this module, but I have a bit of a problem of customising it to the Azure B2C - Oath2.0 Authentication.
(https://github.com/Azure-Samples/ms-identity-python-webapp)
With the above implementation, the authentication routing is failing for me.

I wondering, have you experimented withe the Azure B2C authentication flow?

Best

David

It would be great if it were possible to protect the view of the pages.

For example, when we used links, the application would redirect directly to the login page

Hey, nice library!

So the session token gets set to a private field. This is an issue in a multi-user environment since users are effectively logged in using another user's token. It also means the same user is logged in cross browser or in incognito mode.

Since most of the code is already using session cookies, is there a reason why it can't be modified to just use that?