Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding security scopes to dashboard #70

Closed
rachel-labri-tipton opened this issue Sep 25, 2023 · 10 comments
Closed

adding security scopes to dashboard #70

rachel-labri-tipton opened this issue Sep 25, 2023 · 10 comments
Assignees

Comments

@rachel-labri-tipton
Copy link
Collaborator

rachel-labri-tipton commented Sep 25, 2023

Detailed Description

This issue is the beginning of a discussion of how to add authorization to the dashboard.

  • Discuss how to add auth0 scopes to the app
  • Add warning to if we are adding a non ocf user to the ocf group.
  • Spike - find popup component to use in app to double check user agrees to an action (ie. update, delete, etc.)
  • Currently users who might add users or add sites are Peter, Brad, Sol, Zak, and Rachel

Context

The main users of the ocf dashboard will be internal, but it's good to think about who will have permission to do what. If we're deleting a site, it would be good that only certain people have that authorization.

@rachel-labri-tipton rachel-labri-tipton added enhancement New feature or request discussion and removed enhancement New feature or request labels Sep 25, 2023
@rachel-labri-tipton rachel-labri-tipton changed the title ideas for adding security or auth0 scopes to dashboard adding security scopes to dashboard Sep 25, 2023
@peterdudfield
Copy link
Contributor

@peterdudfield
Copy link
Contributor

peterdudfield commented Oct 10, 2023

this simple version looks good - https://github.com/conradbez/streamlit-auth0-example/blob/main/test.py. This uses streamlit-auth0-component but need to make sure we can use scopes

@peterdudfield
Copy link
Contributor

peterdudfield commented Oct 10, 2023

from auth0_component import login_button
import streamlit as st

clientId = "...."
domain = "...."

user_info = login_button(clientId, domain = domain)
st.write(user_info)

@rachel-labri-tipton
Copy link
Collaborator Author

thanks, @peterdudfield, I'll have a go at this. did you try anything already?

@peterdudfield
Copy link
Contributor

Yea, tried this and managed to get a login to work

from auth0_component import login_button

clientId = "xxx"
domain = "xxx"


ssl._create_default_https_context = ssl._create_unverified_context

def check_password():
    """Returns `True` if the user had the correct password."""

    user_info = login_button(clientId=clientId, domain=domain, key='login')

    return user_info

i had to make a new application - https://manage.auth0.com/dashboard/eu/nowcasting-dev/applications/VqaPLArS3LG97MF4uY6RSQmJV0hiNwxN/settings.

Need to get logout working ....

@peterdudfield
Copy link
Contributor

See comment here for trying to logout - conradbez/streamlit-auth0#18

@peterdudfield
Copy link
Contributor

Might be better to use https://github.com/chris-garrett/garrett-streamlit-auth0

@peterdudfield
Copy link
Contributor

Might be better to use https://github.com/chris-garrett/garrett-streamlit-auth0

This one works

@peterdudfield peterdudfield mentioned this issue Oct 13, 2023
6 tasks
@peterdudfield peterdudfield self-assigned this Oct 13, 2023
@MAYANK12SHARMA
Copy link
Contributor

Hi @peterdudfield,

Has this task been completed, or are there still some issues remaining?

@peterdudfield
Copy link
Contributor

This is done, sorry. Ill close this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
No open projects
Status: No status
Development

No branches or pull requests

3 participants