Multiplr login configurations

[ArpitaSheelvant]

Hello Team,

I am implementing custom security manager to have embedding validating our custom token. So i used AuthRemoteUserView and overriden the login method. Now as part of my fallback i want to add other login mechanisms like oauth/default db. As per my understanding FAB security doesnt support multiple mechanisms to use at once. Any recommendations on how to implement this scenario?

[dosubot[bot]]

To implement multiple authentication mechanisms in Apache Superset using Flask App Builder (FAB), you can configure different authentication types in the superset_config.py file. While FAB doesn't natively support multiple mechanisms simultaneously, you can extend the SupersetSecurityManager to handle custom logic for fallback mechanisms.

Here's a general approach:

1. Extend the Security Manager: Create a custom security manager by extending SupersetSecurityManager. Override methods to implement your custom token validation and fallback logic.

2. Configure Multiple Authentication Types: In superset_config.py, set up the primary authentication type and configure additional providers. For example, you can set AUTH_TYPE to AUTH_OAUTH and configure OAuth providers, while also setting up database authentication.

3. Custom Logic for Fallback: In your custom security manager, implement logic to try different authentication methods in sequence. For instance, first attempt to authenticate using your custom token, and if that fails, fall back to OAuth or database authentication.

Here's a simplified example of how you might configure this:

from superset.security import SupersetSecurityManager
from flask_appbuilder.security.manager import AUTH_OAUTH, AUTH_DB

class CustomSecurityManager(SupersetSecurityManager):
    def authenticate(self, request):
        # Custom token validation logic
        if self.validate_custom_token(request):
            return self.get_user_from_custom_token(request)
        
        # Fallback to OAuth
        user = self.oauth_user_info(request)
        if user:
            return user
        
        # Fallback to database authentication
        return super().authenticate(request)

# In superset_config.py
CUSTOM_SECURITY_MANAGER = CustomSecurityManager
AUTH_TYPE = AUTH_OAUTH  # Set primary auth type
# Configure OAuth and DB as needed

This setup allows you to define a sequence of authentication methods, providing flexibility in handling multiple login mechanisms.

To continue talking to Dosu, mention @dosu.

---

^{Help Dosu learn! Give it feedback: Great Response | Irrelevant Answer | Incorrect Sources | Too Verbose | Hallucination | Other}